Website Security

Security of the site and the server is an extremely important issue and should not be treated lightly. The web host is prone to attacks from many different sources, in addition to possible fraudulent access even from within your own organization.

The tools and techniques for maintaining the security of your web site include:

  • Firewalls: A firewall is a barrier to prevent unwanted intrusions into your system. It can be based on hardware or software. It requires some initial configuration to make it work efficiently so that legitimate access is allowed, but harmful or unauthorized access is prevented. If you are using an ISP for your web hosting, they will have the necessary firewall systems. However if you are co-locating your server or have it in-house, then it is crucial that such security measures are implemented. If necessary obtain advice from a specialist.
  • Hackers and viruses: These can be prevented by setting up the correct controls and security measures on the web server. Hackers are users who will try to remotely access your system by various means. Viruses are program code that carries out malicious activity on your system, frequently arriving via legitimate means such as e-mails. Firewalls, as mentioned above, will prevent most hacking attempts, but it is also essential that antivirus software is installed and kept up to date.
  • Administration access: An area that is often forgotten and left open to abuse is the day-to-day administration of the system. The use of login identities and passwords must be carefully controlled and only given to authorized staff.
  • Restricting user access to the site: The web site may have restricted access as part of its functionality, for example: subscriptions and membership. It is vital that the site is designed in such a way so that it cannot be compromised.

In addition there are now many legal implications for web sites, and it may be necessary to consult a specialist lawyer. Always ensure that:

  • terms and conditions of the site are made clear for the visitor;
  • privacy statements are included and the site conforms to the Data Protection Act;
  • copyright and intellectual property ownership issues are clarified for all content.

If you are contracting out all or part of the overall service to an ISP or another third-party, ensure that Service Level Agreements are in place and that these are monitored. The "uptime" for the site is crucial for its success.

RecommendedInfo
NewestInfo