10 Security Tips to Protect Your Blogging Business From Cyber-Criminals
Security is a major concern on the Internet these days. Just like in real life, there are folks online whose main activity is to break into systems and cause harm.
As bloggers, we should always work on securing our blogs from hackers and spammers. While our website hosting company has a huge part to play in ensuring cyber security and constant availability of our blogs, we equally have a lot to contribute. In this post, I want to discuss 10 tips to help us reinforce the security of our blogging and online presence in general
#1. Avoid public WI-FI
Many bloggers live the dotcom lifestyle. This is a lifestyle that typically depends on the Internet. As the Internet is global and unlimited, the Internet lifestyle allows you to live anywhere and connect to your business from any where.
That’s where the problem is. In many public spaces like airports, coffee shops, malls, hotels, restaurants, etc., Internet access is free through public WI-FI ‘hotspots’. The free access is often so tempting that many jump on it without a second thought.
But connecting to some of these unprotected public networks could actually mean granting your PC access to some unauthorized malicious user. This may expose you to Man-in-the-Middle (MitM) attacks, malware, Snooping and sniffing, etc.
Generally, I would advise against linking your business computer up with any public WI-FI. If you must do for some pressing reasons, do not access websites that hold your sensitive information, such as your blog’s dashboard, Paypal Account, etc.
#2. Use different difficult passwords across different platforms
No one enjoys working with passwords but we need them for our account security. Gone are those days when passwords used to be 00000 or 12345. Such passwords are cheap and make the job of hackers easy. Fortunately, many platforms today assist you in creating difficult passwords. But some of us are still lazy enough and use the same password across different platform.
It’s a very poor security practice to have the same password for Facebook, Twitter, Google Account, WordPress, etc. If a hacker gains access to one of your accounts, he may be able to easily breakthrough all the other accounts.
Beside having strong and unique passwords for different platforms, change those passwords frequently. But how often should you change your passwords? Well, depending on how strong the password is, you may want to change after a few months.
#3. Activate 2FA where necessary
A 2FA (Two-Factor Authentication) is simply a login method in which the user is required to present two or more pieces of evidence to an authentication mechanism before being granted access. This authentication layer is available on many platforms today to allow users confirm their claimed identities by using s combination of different factors.
Usually, 2FA is not enabled by default. You will have to go to the security settings of your account where you’ll find 2FA activation instructions (If available). Common 2FA methods involve a short code sent to the user’s phone through SMS or email address.
Google Authenticator appears to be the most widely used TOTP (time-based one-time password algorithm) two-factor authentication method for smartphone users.
#4. Use VPN where necessary
Virtual Private Networks (VPN) are becoming increasingly popular due to the fact that they give you online privacy and anonymity. VPNs is commonly used method to connect to public hotspot, hide IP address and make your browsing private.
I just raised your attention to the fact that connecting to public WI-FI could be massively dangerous. But if you must do, give a VPN a try. There are many trust-worthy free VPN providers you may want to try out.
#5. Use PayPal not your Credit Card
Paypal is the most secure and most widely used payment processor today. One of the reasons for Paypal’s popularity is user protection. The platform allows you to use your credit/debit card for online transactions without surrendering your card data to the merchants. With a strict and rigorous refund policy, any unauthorized access and transactions on your accounts are often easily recovered.
In the blogging industry, more than 90% of the services you are ever going to need to have Paypal as a payment option. Keep your Card data safe by using Paypal for your online transactions
#6. Don’t enter key data on sites that don’t run on SSL secured protocol
Interacting online typically means filling web forms and submitting your data over the Internet protocol to some recipient. The data carried from your local computer to the remote destination can be captured by some man-in-the-middle (MitM) activity.
Secure Sockets Layer (SSL) is a cryptographic protocol that provides security over internet communications by encrypting and obfuscating the data transmitted between your browser (local computer) and the server (remote destination).
When SSL is used to secure internet communication, it turns a website’s address from HTTP to HTTPS with the ‘S’ standing for ‘secure’
Before you go ahead and submit your credit card and some other sensitive data to a form on any website, make sure there is an ‘S’ to the HTTP section of the website address. On Google Chrome, it looks something like this:
To protect your readers and help them trust your website or blog, you’ll have to make sure yours run on the secured protocol as well. This also has an SEO benefit.
#7. Make sure your antivirus is up to date
Viruses constitute a major concern when it comes to using computers. As bloggers, we are not only worried about these malicious scripts damaging our personal computers. They can also smuggle from your local computer through an FTP (File Transfer Protocol) activity to your blog on the remote server.
If this happens, it may cause your blog to malfunction, damage your reputation and business before your host gets to know and deal with it. That’s while I recommend making sure you have up-to-date antivirus and avoid visiting unnecessarily websites susceptible to infecting your computer.
#8. Constantly backup
Many web hosting companies today have backups as part of their hosting packages which is excellent. While some of these backup scripts run automatically on daily basis (depending on your hosting package), you should be conscious to always check to make sure the backup mechanism functions
Additionally, put in place a backup plan that copies your blog from your host’s servers to a location you can always turn to should your host completely messes up with your blog.
#9. Constantly update your theme and plugins
Outdated themes and plugins are some of the openings that make way for malicious scripts into blogs. This is common with WordPress blogs.
Each time an update is available for your theme, any of the plugins you use or WordPress core, don’t hesitate to upgrade. If the upgrade is a bug fix or security patch, it calls for immediate action to secure your website. Upgrades can sometimes cause compatibility problems. However, you should always check with your plugin/theme developer if there is any malfunctions as a result of an upgrade.
#10. Make sure the next plugin is absolutely necessary
Generally, plugins are dangerous for your blog. Beside the load speed and compatibility issues, some of these plugins make way for backdoor attacks.
Before you install any additional plugin, you have to be sure it’s from a trusted developer who is active at maintaining the plugin and who can come to your aid should there be any problem related to it.
Conclusion
The security of your blogging business is not just the responsibility of your hosting company. You have a huge part to play and I hope these tips come in handy