Tips to protect your website and business
Owning and operating an online marketing company which does a lot of website-based work has taught me many lessons.
An experience I was not expecting to learn is that many small businesses do not know how their hosting works.
- What company hosts the Website and how secure is it?
- Where is the domain registration information and who can access it?
- How is site speed measured and mobile friendliness tested?
- Is there a regular backup system in place to reboot their site should something fail?
- Every business owner today, in my opinion, needs to understand the answers to these questions.
Here is a “mini-guide” as to what to ask, regardless of any coding or hosting knowledge.
Who Let the Dogs Into the Website?
Revelation number one for me was learning many first time clients to my company did not know who had admin, or editing, access to their Website. This was especially true with Content Management Systems sites like WordPress, Joomla, and Drupal.
There are many plugins for WordPress and other CMS platforms that can alert you of each admin, or any “level” account, log in.
If you have an increasing number of team members contributing to your site, is it not worth the time to be completely comfortable with all content, and contributors, published?
Think of it as quality control for your business.
I recommend using a password manager to keep access restricted.
Leading password managers, like LastPass, allow you to share logins with team members while never revealing the actual password.
It will also automatically log the person as they sign into the site.
As a business, it is critical that you know and control everyone that can access your Website.
Depending on the size of the company, admin logins should be only for business owners and development staff – that is it.
No one needs admin access to add or modify content.
You can set these folks up as contributors or editors. Regardless, they don’t need admin access.
Email Is a Separate Issue.
Often, email has been set up separately from the domain hosting.
You can have your host directly “run” your email, or you can use any “Web” email account for most Websites.
Let’s tackle these two, related, issues.
For a small amount, you have total control over how your email works, who can use an address, plenty of storage per address, etc.
Is it worth the bevy of issues that arise to host and administer your company email with a typical hosting account?
These solutions also store your email separately from your website and allow you to take advantage of much better security offerings.
Can your Website see the wood for the trees?
Perhaps you’ve been working with a developer that also hosts your Website or an agency that, essentially, does the same thing.
Firstly, there is nothing wrong with this. I do it for my clients.
Unless you have either the experience of running a business site or the desire, it doesn’t make sense for you to spend valuable time doing it.
Regardless, you do need to have several crucial bits of information that many developers and agencies are seemingly not providing.
Here are some questions to keep in mind:
- Number one, is your Website being backed up?
- How often is it backed up? Where is the data?
- Is backed up to a third party site by the developer or agency?
- Do you have direct access to the backups?
- What is your current backup and restore plan?
Did you know that all site information, which includes transactions like purchases, are stored in your database?
What may be missing from the time of failure to when your site recovers?
Can you afford to lose a day of data? What about a week, or a month?
A well-regarded tool for site backup is CodeGuard. If you don’t have a plan yet, use something like this to get started.
Make sure you have a plan. Make sure you speak to the responsible party and have this worked out. If not, cover your tuckus.
Content Delivery Networks
CDN’s are a significant part of the today’s website experience. CDN’s are designed to send your images, videos, code, and other data, across the Web to serve your users as fast as possible.
However, CDN’s route your entire Website’s traffic through their DNS servers – the servers that change the friendly name you enter, like “Google.com” into IP addresses that servers use.
While there is nothing wrong with this, you should know what CDN your Website is using.
How do you access the CDN if necessary? If needed, how can you turn it off?
Website testing is one example of why you would need to do this. Another example may be moving to a different host.
Testing! Is this Website on?
Do you wonder if your Website is fast enough to be competitive? The developer says it’s quick, so it must be, right?
While every developer has an array of tools, most agree that GTMetrix will give you accurate, real-time, third-party testing result.
Just plug your domain in, and watch the fireworks. They even give you a breakdown of why your site is well optimized, or not.
If you haven’t tested your site on GTMetrix, I recommend doing so.
Remember, it’s your business. You need to have control of your Website, and a plan in place if things do not go as expected.
Never take for granted that a plan exists, or that you have the correct information unless you have taken the steps to ensure so.
Have any questions about this post?
If you have questions, or want an independent assessment, please contact me.