Lets talk Cyber security shall we?
This topic is more important now than ever. Your data has never been more readily available to people trying to get it. And it’s never been so valuable to hackers and bad people as it is now.
I’m going to break this down into two parts, your personal data security and securing your website.
Your Personal Security
It’s everywhere guys, and it’s wonderful!
There are two things you need to look out for though.
The right network
When sitting down at Mcdonalds for a cheese burger, an icy cold Coke and a social media session on their free WIFI, you first need to make sure you log in to the right network.
See, hackers like public areas. They can easily create WIFI networks and call them anything they want. Like, oh I don’t know… maybe something like FREE MCDONALDS WIFI. You see it and don’t think twice. Once you log in, they’ve got you.
Another scenario. You’re staying at a hotel and see a network called HILTON FREE WIFI, go to the front desk and ask an employee what the network is called. The real network could actually be HLTN NETWORK. Had you logged into the wrong one your data is pretty much no longer your property and you could be in trouble. Pretty tricky right?
You need my password?
If you’re logged in to a network at a public place and all of the sudden you get a pop-up saying you need to re-enter your password for Gmail, your Apple ID or something else, think twice before putting it in. Try to access the service without entering your username and password, and if it is working, someone is on the network doing something fishy.
This is another common trick hackers use. It’s called phishing. Remember that big celebrity hack that made the news a few years back? This was ALL done through an elaborate phishing scam. Be very careful about putting your username and password into a random pop-up.
Your data really is not safe on a public network even if you’re on the right one. So what is the solution?
You need a VPN
A what? you ask. It’s short for Virtual Private Network. It’s a very cheap service that can save you from a lot of problems.
I use a VPN every day whether I’m out and about or at home. The one I recommend is Nord VPN Because it’s affordable, has a great reputation and is VERY easy to use on all of your devices.
Here is how it works:
A VPN is a program on your computer or even just an extension installed on your web browser, that encrypts all information going to and from your computer. It sends it through a tunnel and out one of their servers. Nord VPN has over 6000 servers making this really easy and convenient where every you are located.
You will not even notice a difference, your internet will still be super fast, but you’ll be able to do anything online without being spied on by others on the network, or even your internet service provider who wants to sell your browsing history for extra profit (looking at you Comcast!)
I promise having a VPN is so worth it.
Other notes: Getting the HTTPS Everywhere chrome extension is another way to be secure online
Now let’s talk website security
I’m nearly certain you’re using WordPress, unless you’re a developer and know a thing or two already about security.
So I’m simply going to list 3 things every WordPress website needs to stay secure.
A Strong Password
This one is totally obvious. But working with clients over the years you would not believe some of the insanely dumb passwords I have seen. Please please please use at least a 10 character password that includes numbers, symbols and capital and lowercase letters.
Here is a trick I use in 4 easy steps:
- Pick three unrelated nouns
- Write them out with capitols and lowercase letters
- pick a few letters that could be replaced with symbols
- add a couple symbols to either the beginning or end of the password
They will be easier to remember, and SUPER secure.
side note: I have a client that sells premium wood products. They got hacked because of bad password usage and their site was injected with Viagra ads like you wouldn’t believe. The owner did comment on the coincidence with their hard wood products lol.
A Good Security Plugin
Many people like Wordfence. I’m personally a fan of Defender Pro. You just need something that will take you through a few steps of hardening your website against attackers and bots.
Backups and More Backups
Make sure your host takes hourly and daily backups of everything (we do! in case you were wondering) then have your own system of taking backups that are off of the server. My personal favorite ways to take backups are with the Snapshot Pro plugin or Updraft Plus. Have these backups daily or weekly depending on how often you make changes and keep at least 3 backups.
Cloudflare is amazing! They also have a really really good free version you can use! Make sure to use them. If your site is ever under attack you can log in and have it filter out the bot traffic so you don’t need to worry about it.
Also NEVER log in to your website on public WIFI unless you are using a VPN.
Pretty easy stuff, right?
Just do me a favor and at least get a VPN right now, ok?