Is your website really safe?
The internet is a dangerous place.
Any web developer – heck, any casual observer – would easily agree with that statement.
Threats range from hacked websites to online phishing schemes, to the installation of malware, to the harvesting of your personal or financial information to sell on the dark web. There is no shortage of opportunistic, thieving (and yes even bored) people out there who want to ruin your day.
So, how does a person, or an organization, or a company, stay protected?
If you have a website, you’re vulnerable. Here at Red Sage, we take web security incredibly seriously. Far more seriously, actually, than many marketing and web development companies our size. We go to painstaking lengths to make sure our client’s websites are not only protected but also prepared for the very real (and growing) threat of an online attack. Every website Red Sage builds and hosts is set-up on multiple security and backup systems, and our hosting partner, Cloud Access, maintains optimal platform and physical security Here’s a more detailed dive into how we keep our hosted websites safe:
- Your website is set-up on a system monitoring for software updates. These updates are made as soon as we determine the latest version of the software in question is stable enough to be installed.
- Your website is monitored for downtime. If our systems detect any sustained interruption in the connection to your site, we are notified and take the appropriate action to get it back up and running.
- Your website is constantly being monitored by a server-side scanning system that takes regular inventory of the files on your site’s database, and notifies us if it detects any unauthorized changes.
- Your website is protected by a set of tools that detects any attempted brute force attack (where a hacker will attempt to log in to the administrator area of your site, using random passwords and usernames.) Any IP addresses where these brute force attacks are coming from will be blocked from accessing your site.
- Regular backups are taken of your website and stored in a remote Amazon S3 server. This means that if a hacker somehow manages to affect your site, we can restore the site to a previous version in short order. We maintain multiple backups, so even if there is a trojan horse attack (an attack where a piece of code is inserted to be activated at a later date) we can restore your website from a previously clean version.
As you can see from this list of features, we go out of our way to ensure our clients’ online presences are as safe as possible – offering enhanced security that freelance web designers and many other small marketing or web design companies can’t provide.
That list of features is growing too.
Our latest security enhancement is the inclusion of a basic transport layer security (or SSL) certificate on most sites that we host. In case you are unfamiliar with this feature, here’s a brief review on why having an SSL certificate on your website is so critical.
In October of last year, Google joined other developers in implementing a new security feature on its Chrome internet browser application, that notifies a user when they are accessing a webpage without an SSL certificate. An SSL certificate is a secure, cryptographic (or secret) protocol that ensures the data transmitted between a website’s server and an internet browser remains secure during its transmission. This is especially important for websites that contain any form of payment processing, contact form, secured portal, or any other component that requires a user to input sensitive information. SSL’s are becoming increasingly important for all websites, regardless of their content, as hackers and producers of malware increasingly focus on intercepting website information in order to gain access to the computers accessing these websites. It is because of the increasing need for security online that Google has introduced this new feature to Chrome, one of today’s the most popular internet browsers.
Red Sage has continually monitored this change and is now able to provide a long-term solution for our customers, which is both cost-effective and sustainable. The SSL certificate solution provides an additional layer of security and prevents Chrome, or any other browser, from displaying a warning message about website security to those accessing your site. This solution should not impact the performance or functionality of your website in any way. You can learn more about the SSL certificates we use on most of our sites here. For clients with a high profile or high visibility website, we have an even more involved option, which offers additional, dedicated SSL security. We also offer optional hosting security packages that will provide added layers of protection, beyond our standard approach mentioned above. It does come at an additional annual cost added to a client’s standard hosting fee.
OK. If you’re still reading this blog at this point, hopefully, you’ve picked up the message that security is a big deal in the web world – more so now than ever.
Many website designers haven’t kept up – and anyone considering the development of a new website should consider not just what it looks like, but how it’s built, how it will be used, and what security measures are being implemented.
Considering a new website? Give us a call and we’ll walk you through some options. Excellent customer service is our highest priority, and Red Sage works with clients across the country – not just in Decatur, Huntsville or Alabama. Call us at 256.560.0098 or email firstname.lastname@example.org to get started. We would love to help you build a beautiful, mobile-responsive, sustainable, and secure website!