Patrick Jones Tech 04.26.2021 21:Apr PM EDT

Taking Your Online Business' Security to the Next Level

Not all security advice is created equal, but it certainly seems that many cybersecurity experts try to dish out tips as though they were. Corporate IT managers and small business owners alike are faced with more threats now than they ever have been, and the numbers just keep getting worse. The thing most people don't realize, however, is that cyberattacks are usually geared toward one platform or another.

With a 74 percent market share among desktop users, machines running Microsoft Windows are among those most likely to develop serious security problems on your company's network. While you might consider switching away from the platform, this isn't always an option. Avoid public wireless networks with these PCs and ensure that they're updated regularly. Once you have the client-side sorted out, you'll want to focus on potential hosting threats.

Reducing Your Server's Attack Surface

Shared hosting services are extremely popular and they're inexpensive, but they might not be the most secure option available. Due to the communal nature of these platforms, they're at a higher risk for potential data leaks. Some computer security experts have suggested using managed VPS hosting technologies that insulate each instance of web server software from one another. That prevents one compromised site from causing leaks to spread across an entire system.

While you might be very diligent with keeping everything up to date on your own system, there's a good chance that other people who share the same server with you aren't as security-minded. Account verification failures like those that happened to WhatsApp could lead to an entire system's worth of information getting leaked to the clearnet. In the most serious situations, these leaks could include passwords in plain text format. These kinds of attacks are admittedly rare, but they do happen and could cause a substantial amount of damage for those who work in the eCommerce industry.

Some browsers are no longer supporting sites that don't use the HTTPS protocol standard, so making some changes to your server could be important for visibility as well as security. You want to be sure that the maximum number of potential clients are able to see your site so that you don't start losing out on your audience. At the same time, having your site support the HTTPS protocol will ensure that prying eyes are kept far away from your client's shopping carts.

Assuming that the security position on your server is safer, you might want to start thinking about email.

Hardening an Aging Standard

Some people might think of email as the Internet age's equivalent of a dinosaur. It's certainly been around longer than most other communications protocols and a few commentators have suggested replacing it with social media accounts. The fact remains, however, that it's an extremely secure and efficient way to keep in touch with your clients when it's used properly. Hardened business email accounts are hard to beat because they're so much more secure than those offered by outside organizations. Perhaps most importantly, they're considerably more secure than most other competing technologies like SMS text messages.

Entrepreneurs often believe that they're secure if they're using an email service from a major provider. This is often not the case, however. A series of 11 unknown exploits allowed attackers to gain control of some aspects of Google's services last year. When this happens, it's likely that bad actors could theoretically execute arbitrary code. That means they'd be able to do virtually whatever they'd wish with your email or cloud storage accounts.

While setting up a business email address could be seen as something of a challenge, it's worth it once it's in place if for no other reason than to prevent this sort of thing from happening. Considering that everything from the Adobe application suite to underlying system software could be vulnerable to executing arbitrary code, you'll want to do everything you can to reduce the overall number of potential attack vectors.

Nevertheless, education is often the most important tool to deal with potential computer security problems in a business environment. Take a few moments to make sure that everyone is on the same page about your organization's best practices and you'll be able to drop your firm's potential attack surface even further.