Safeguard Your Website

by Karen L Simon & Renee J Goldberg

Websites are today’s business card. Most people won’t take a business seriously unless that business has web presence. Due to the threats of privacy invasion, viruses, and malware, it is imperative that businesses take steps to protect their site and its visitors with security features.

While users of the site have a certain responsibility to protect themselves, today’s litigious society puts business owners at risk of lawsuits for damages, including privacy issues.How secure is your website?

Secure Socket Layer (SSL)

SSL certificates protect websites and visitors. They should always be installed and active. Email communications should also be protected with SSL. Both incoming and outgoing messages are then scrambled (encrypted), preventing them from being seen or intercepted until they are de-scrambled by intended recipients.

A secured site is recognized by the “https://” designation in its full address (URL). SSL establishes private connections by encrypting information that is passed between the site and each user’s web browser. Whether it’s Google Chrome, Firefox, Safari, or Microsoft’s Edge, these browsers check this security feature before displaying the site. With a “padlock” icon, they indicate to the user if a site has an active SSL installed. If not, a warning message appears notifying them that the site is “unsecure” and continuing would be at the user’s own risk. Upon receiving this warning, most users will immediately leave the site.

Should a user choose to continue to this site, they expose themselves and their personal information to data breaches such as contact information, password stealing, credit card fraud, and more.

If the site has an expired SSL certificate, some browsers notify users with a warning message, while others use a red padlock.These certificates are updated, renewed, and reinstalled every year since hackers become more sophisticated at breaking encryption codes.

Firewalls

A firewall is another safety feature that protects websites and visitors from hacking, viruses, and other malware. Just like personal computers and mobile devices, websites and their servers must be protected. They are constantly probed and attacked by hackers looking to inject malware into the server.

When hackers are successful, your website visitors’ devices can “catch” the virus and often pass it on to others. Further, the website could be destroyed, the administration section could be compromised, and information can be stolen.

Protect Your Site

Without these two key safety features actively installed on a website, businesses can lose the trust and confidence of customers, clients, and visitors. Additionally, search engines such as Google, Yahoo, and Bing lowera site’s ranking in searches, pushing the website to the bottom of the list of search results.

Keeping SSL certificates and firewalls updated is a process. Renewing expired subscriptions can be a lengthy process. What’s more, cleaning and fixing damage to a compromised website is extremely costly to a business.

Always consult with your website and email hosting provider to protect your site and ensure the safety and security of your customers and visitors. This adds trust and confidence, reflecting well on your brand.

—–

Copyright © 2023 TechOrganizing.com & MindSurf. All Rights reserved. Reproduction or republication is strictly prohibited without prior written permission.

Changing Your Email or Phone Number?

passwords word cloudOur digital identities are tied to our email address and phone number. No longer is it just usernames, passwords and answers to a few secret questions that we need to remember. Someone came up with the bright idea that, for security, they want our email address and/or phone number, too. This is how companies send verification codes and reset instructions when we can’t get into our accounts because of a forgotten password. So, BEFORE you change your email or your phone number and/or mobile phone carrier – think twice (or more.)

The Nightmare

Recently, I’ve had trouble calls from clients who are caught in the horror of attempting to reset their account passwords AFTER changing their email address or phone number (and old ones were no longer accessible).  One company, Microsoft, took them through a form that asked for answers to secret questions, old phone numbers, recent email contacts, and more, yet still denied access to reset the password. After hours of phone calls to the company, they still refused to grant access to the accounts. The customer service agents basically told them there was no further resolution.

One of those clients no longer has access to any of the Microsoft’s services – including his email. Another could no longer unlock her computer every day since her login is tied to her Microsoft account!

Another company, Verizon, has been getting out of the email business – transferring all of their customers who used their email service (@verizon.net) to their new acquisition, AOL. They promised customers that they’d receive an email with special instructions and links to a form that transfers their email account to AOL. A client of mine never received the email. One day, his email stopped working. After inquiring with both AOL and Verizon, he was told to wait for the email as there was no other way to help him. It still never came. He no longer has access to his email. Unfortunately, he used that address to set up all of his OTHER online accounts. Now, he’s tasked with changing his email address-on-record with EVERY online account he owns – we calculated, it’s over 40 accounts!

It Doesn’t Stop There

Other companies, like Apple, don’t ask for just ONE email address, they want two! One of them will be used just for password recovery. It can’t be the same as the address you use to set up your account (AppleID). This means that you have to remember that if you change (or LOSE access to) one of your email addresses, you had better make sure to go tell your AppleID account about it! With all of your data and devices that rely on (and tied to) that one AppleID, a loss of this account will be devastating.

Google & other companies use your phone number to send text messages with a verification code to be entered on a webform should you ever need to recover your account. If you change your phone number, make sure you tell Google about it! (Microsoft uses this method, too.)

Other companies will not allow you to change ANY security setting, including email address and password, unless they send a verification code to your phone via text message! So, be sure you have access to the phone they have on record before you change anything.

The Lessons

  • Remember your passwords! Use an app, keep a log, spreadsheet, document – ANYTHING. If the passwords change or you add a new account – update the list immediately.
  • In your passwords list, include login name, account number (if any), email addresses & phone numbers associated with the account.
  • Before you change your email address or phone number, refer to your list so you know which accounts you’ll need to update.

menu buttonmobile readers: tap Menu at top for more info