Yesterday we reported on the Russian Crime ring that is alleged to have personal data of over 1.2 billion unique internet users. So we thought we’d provide you with a few tips to help keep your website data and personal information safe.
Password Management
If you think about every site you’ve registered for; how different is the login information for each of them? If someone were to get into one account would they be able to access all of your accounts?
Password variance adds an extra layer of protection to your online accounts. Our recommendation is to use both upper and lower case letters, numbers, and for sites that allow it, special characters such as @, $, %. It can be hard to remember all of your password iterations but there are services such as Last Pass which uses government level encryption to help manage your passwords. They offer both a free and fee based service.
Phishing – Check where the request is coming from
We’ve all received them – those emails from your Linked In, PayPal, email provider, and other trusted sites, sending you some urgent notice about your account. A great way to check that you are legitimately receiving important notices is simply to look at the site that is sending them. If they the email or website address doesn’t match the supposed senders site address, delete it. If you are unsure, navigate to the legitimate website and contact them directly about the issue.
Update! Update! Update!
Hackers can often find security holes in the technology used to create websites and apps. Many updates will contain patches to secure any points of weakness, and should never be ignored.
This rule doesn’t simply apply to your computers operating system or phone apps. If you are a website owner it’s important to keep on top of updates for any technology involved in creating your website.
HTTPS & SSL
HTTPS sites use what is called a “Secure Socket Layer.” Predominantly this is used for sites that require account creation and payment information, although many sites are now switching to using HTTPS for their entire site. If you’re not sure if your information is safe, check for the lock symbol in the web address bar.
A great tool for checking the security of your own site or a site you are visiting is SSL LABS. If you would like to find out more about moving your site to HTTPS the YouTube Google Developer channel have released a great video. Some of the information is quite technical, but there is also a lot of great information for basic users.
For SEO’s it’s also important to note that Google is now giving a slight ranking boost to those sites that are using HTTPS.
It may be out of your hands
There are many ways for site security to be compromised. Historically the more reputable the site the better your chances were of keeping your information safe. However, over the past few years that hasn’t been the case. Big businesses have largely been the target in recent attacks. Sony, Facebook, Microsoft, Twitter, Ebay and Target have all fallen victim to hackers, often losing large amounts of sensitive profile and financial data.
It’s sad, but true. You can be vigilant about your own actions on the web, but if you’ve signed up for a service and have supplied them with your personal or financial information, your information is only as secure as their system.