How to Make Sure You Have a Secure Site

Cybersecurity has been a hot topic in 2017 due to the rise in cyber attacks. Hackers are getting better at hacking and companies are noticing it’s time to do something about it.

With the holiday season right around the corner, making sure you’re buying from a site that is secure is important. Cyber attacks occur most during peaks in online sales on days like Black Friday.

When it comes to your website, you need to make sure you’re offering a secure site to your visitors.

How to Protect Your Visitors Data

Identity theft and cyber hacking have been the main theme of this year. Starting with WannaCry, a ransomware that affected the world. WannaCry targeted healthcare organizations and private health information. Luckily, experts in security were able to find holes in the system and shut it down without losing important data.

Shortly after WannaCry, NotPetya hit. Another ransomware that spread across the globe, infecting companies like airports, banks, and transportation centers. There were many more attacks that affected large companies in the United States and beyond such as Equifax leak, Target, Mac and Home Depot.

Protecting the private information of your website visitors is important in light of recent events. If you don’t have a secure site, you are putting your customer’s identity at risk. Online shopping makes people’s information vulnerable to cyber attacks.

How do you protect your site? How do you convince your customers that it is safe to buy products or services online?

Ensuring You Have A Secure Site

If your website is gathering any information from its users, you have a duty to protect it. Asking users for passwords, usernames, addresses or credit card numbers needs to happen on a secure site.

There are steps you can take to show your customers you have a secure site and ensure them their data is safe. Not taking these measures could drive visitors away from your site.

HTTPS

The first thing to look for on a website is making sure the beginning of the URL starts with “https.” The s after HTTP means that the website is being transmitted over a secure connection. Without the s, it could mean that your information is vulnerable to hacking attempts.

Anything typed into fields in a URL that starts https is encrypted when it’s sent to the web server.

SSL Certifications

Along with your URL, it’s important to acquire an SSL certificate for your website. SSL stands for secure sockets layer. Companies can show users that browsing, buying products, and sharing information is secure.

Why is this important? It protects your website’s data and all of the visitors that come to your website. SSL Certificates encrypt data on a page and the website has to pass a validation. Even if you’re a small company or you have a personal webpage, it doesn’t mean you’re out of hacker’s reach.

An SSL creates a connection between the server and the web browser, making it secure. Users don’t see this connection, it happens under their radar.

Different Degrees of Certifications

These certificates come with different degrees of protection. Some of them validate the domain name, making sure it’s not fake. This doesn’t ensure that the organization is legitimate, however. Any domain that has an owner can pass the simple domain validation test.

Look for higher levels of security in Extended Validation. This SSL certificate ensures that your organization is safe and has a secure site. Users can see that the company is legitimate and their site is secure.

An Extended Validation Certificate also makes your URL in the web browser appear highlighted in green. Having the green address bar shows users your site is secure. The process of acquiring one of these certificates is not easy.

There are a series of tests the company must pass to receive a certificate. No hacker would be able to pass these tests, so businesses that have these are proving to customers they have a secure site. This information must be given on a bi-yearly basis to keep the certificate valid.

Domain Check

One of the most successful hacker tricks is creating mimic websites. Hackers take popular websites and create them to be a mirror image of the original. They buy URLs that maybe one letter off. For instance, google.com may look like giogle.com.

They take into account common spelling errors people have when typing in web addresses. They trick users into buying an SSL certificate to validate their domain. When customers arrive at their page, they may not notice their typo, and it looks like a secure site.

When they trick someone, they are able to steal data from these users in the form of money or their identity.

Lock Icon Display

When you’re viewing your URL in a web browser, if you have a secure site a lock will appear. This lock shows users that your site is secure. It shows up when you have an https before your URL.

The lock icon is a button that when clicked, it shows the websites validity and details of the SSL certifications. Lock icons display differently across web browsers, but never on the web page.

Statements of Privacy

A secure site will most often have a privacy statement located somewhere in their footer or on an about us page. This privacy statement will tell your users that their information will be protected when used anywhere on your page.

Privacy statements could say that they will sell your information to third parties. Most people don’t take the time to read them, then their information gets sold. Suddenly their cell phone starts ringing off the hook with solicitors.

It’s important to make sure your site has a privacy statement so your business is reputable. While these are the main factors keeping your site safe, there are other things you can do.

Other Aspects of a Secure Site

In addition to the above steps to making your website secure, you can also provide a seal that goes on your webpage.

Having an SSL Certificate site seal goes above and beyond to prove to your customers that you are a reputable company and your website is secure. These seals are difficult for hackers to reproduce. The design makes it challenging to copy. They are also encoded with metadata that includes a time and a date of validation.

An SSL Certificate site seal is also a link, not just an image. You can click on the seal and it will give you the details of the site security, alongside other important domain ownership information.

Site seals placed where visitors can see them is preferred. If it’s hiding in the corner of one webpage, very small or doesn’t include functionality, take caution on the security of the site.

What Your Users Should Watch Out For

Making sure your customer base knows what to expect from your company is one way they can be sure they are going to the right website. Not everyone is going to be your customer, so, unfortunately, they may be susceptible to mimics of your webpage.

As a user, there is responsibility they must take for making sure they are on a secure site. As an organization, you can provide the highest security but users may still type in a wrong address and come across a harmful webpage.

Educating your users on what an insecure site looks like or may offer will help them. Telling them to be wary of discounted items or products that seem to be out of the ordinary.

In general, if someone doesn’t recognize a site or has never heard of them, getting a second opinion is a good choice. Asking people if they have heard of this site or if they have gone to similar sites. If the people are you are unsure, you can do a quick google search to see what comes up. Reading reviews on Google and Yelp can give light to whether or not the site is secure.

Secure Site Checklist

Having a secure site is not an easy feat, but it’s necessary if you want your company to be reputable. Customers will be less likely to purchase from you if you don’t have signs of safety and security.

Let’s recap the main takeaways of how to build a site that protects its user’s information.

Stay up to date with technology news. Know the latest cyber attacks and how they perform so your business can provide continuous security. Make sure your webpage has an HTTPS before your URL so users know it is secure. Better yet, purchase an SSL certificate to display on your site and double check to make sure your webpage is displaying the security lock icon.

If you’re looking to show your customers you care about their data, purchase an Extended Validation Certificate so your URL appears in green, ensuring users your site is secure at first glance.

Provide users with privacy policy and statement, letting them know you won’t be selling their information to third parties.

All of the above are important steps you can take to protecting private information. As a webmaster, this something you should make certain every site has. To read more about how you can improve your website, check us out here.