Website health check - Part two
Last time we focused on ticking the boxes for GDPR, with a view to achieving 360 degree compliance. This time, we're taking a look at some straightforward steps that can help to keep your website safe and secure.
Do you need all those website CMS users?
If your website has a Content Management System (CMS) to allow you make changes to your website, it's worth taking a couple of minutes to review who has access. Removing old log-ins for past employees is an important security step - one less active user account means one less opportunity for hackers to try and force entry into your website.
Is your website software up-to-date?
Out-of-date websites are most at risk from hackers. Like any software, it's essential to keep your website updated by installing the latest security updates as soon as they become available. At Stack, we offer updates on a one-off basis or automatically as part of a cost-effective annual service contract, so talk to your web developer and check what options are available to you.
When did you last change your website passwords?
Changing your website passwords on a regular basis reduces the likelihood of hackers being able to guess your passwords. If your website has a Content Management System, it's worth changing passwords for administrator accounts to reflect staff changes. You should also contact your web host or web designer and ask them to update the website's server and database passwords. As a simple rule of thumb, if you can't remember the last time you updated your passwords, it's definitely time to update them!
Have you tested your backups?
Having a website backup process in place is essential to help you recover data in the event of an emergency like a server crash. But when was the last time you actually tested your backups? Is all the data there? Is the backup process actually running? Are you storing multiple copies of your data off-site in the event of a fire or flood? This is probably a question for your web designer or web host to answer, but you need to be asking the question now rather than after a data loss event. It's also worth making sure you have a Service Level Agreement in place with your supplier detailing backup processes and turnaround times for recovery should the worst happen.
If you would like further advice on any of the topics above, please feel free to get in touch.
About the author
Phil Peters
Phil is responsible for the design and architecture of our digital services here at Stack and will be your primary point of contact when you get in touch with us. With 18 years of marketing and technical experience in financial services including insurance, share registry and salary sacrifice schemes, Phil delivers proven, high performance solutions for your digital requirements.