You may have heard about some of the more prominent data breaches reported in the news. If you store sensitive customer data such as personally identifiable information, health records, financial records or credit card information, your business is at risk. Even if you don't process that information through your website, you still have to understand the possible risks to your data from the outside... and the inside. Many don't think about the fact that your employees are one of the risks that must be considered in protecting data. Both malicious and accidental situations can place your customers' data, and you, at risk. Employee-caused breaches can usually be avoided by implementing good hiring and training practices.
To protect your business from outside hackers you must hire a qualified Information Technology (IT) company to insure you have closed all possible penetration points into your data. If you have a wireless network configured for your business, it may offer an easy gateway into your data. Or perhaps your servers were never configured properly from the start and offer hackers easy entry. Webtivity Design Solutions has partnerships with qualified IT companies in the area who can close these security gaps and help you protect your business.
Web Application Security
If you offer ecommerce or process sensitive information through your website, you must insure your payment gateways, administration panels and databases are secure. While nothing can be considered "hacker proof," there are many best-practices your web development company must follow in order to protect you. Unfortunately many developers do not follow these best practices, or are not adequately trained and are unaware they are opening you to significant risk.
Some best practices deployed by Webtivity Design Solutions:
- strong passwords
- routinely changing passwords
- no hard-coding of passwords
- SSL encryption
- secure, firewalled hosting environment
- deleting or securing old database setup files
- manual setups for "boxed" applications (such as Content Management Systems)
- login checking in administration panels
- error pages
It is imperative to hire an experienced web development company for your project, especially if you are managing sensitive information. The additional investment at the outset of your project far outweighs financial losses and loss of trust from your customers if your data is breached.