Before I started working for a tech company, I didn’t know a whole heck of a lot about website security. I’d used the same password since 2002. I still thought of patches as little more than colorful bits of cloth for covering holes in my favorite jeans. Green address bar in the Web browser? Prettyyyy.
You get the idea.
Over time, I’ve come to realize the importance of taking strategic steps to secure information online – whether it’s credit card data, login info, or the stuff website visitors enter to sign up for a newsletter. Launching a website to help promote and sell a book I wrote kick-started my online security awakening. Going to work for a company that takes online security so seriously drove its significance home.
If you do any sort of business online, you need to understand the basics of website security.
This guy can help
If you’re looking for website protection advice, you can’t do a whole lot better than Neal O’Farrell. The executive director of the nonprofit Identity Theft Council was recently appointed senior advisor to the Stock Act panel (a study mandated by Congress to look into the security, privacy and other implications of the Stock Act). As a member of the FCC’s Cybersecurity Roundtable Working Group, Neal also helped develop their online Small Business Cybersecurity Planning Tool.
Neal’s Top 10, in a nutshell
- Look in the window.
- Understand what the risks are.
- Focus on passwords.
- Consider a dedicated computer for developer access.
- Create a list of your Top 10 security rules.
- Make sure you’re PCI compliant.
- Don’t forget to get physical.
- Control who you give access to.
- Choose your Web hosting provider carefully.
- Review your security regularly.
My personal favorite? No. 3. I sometimes find myself dreaming about unique passwords. Seriously.
[Full disclosure: Neal O’Farrell is an advisor to SiteLock, a security product that GoDaddy offers.]
Also published on Medium.