Online Security Primer for Your Business: Monitoring (part 3 of 3)

[Image: Monitoring train speed at the rail car retarder shack]

Alright!  Part 1 of this online security series talked about the importance of limiting who has access to your data.  Part 2 covered what made a good password and policies about changing them, including a tool to make that easier.  Here, this series of tips to make your data safer concludes with one more simple thing you can do in case the worst happens.

I was hacked!

Even if you have a good policy about security, bad stuff can still happen to you.  Think of the security breaches you’ve heard of in the news.  You know those companies had better systems than you, right?  Well, same here.  It shouldn’t come as any surprise then (particularly given the header of this section) that the hackers found a vulnerability and hacked my site.

Now, before I go on, I should say that it wasn’t this site, and the hack wasn’t so bad.  What happened was they inserted some code into an ecommerce site that sent visitors to a different site that sold knock-off drugs of the type you might see in spam emails.  It was dreadfully unprofessional, but the bad guys didn’t get credit card information or anything like that.  And they got in because of a weakness in the web store software that was being used, so no matter how good my password and personnel policies were, it could have happened at any time.

My story brings me to the first recommendation for this article:

Recommendation 1: Update!  Update!  Update!

If you use some kind of software to run your online stuff (which you probably do), you will need to update it.  This might be Drupal for your website, or WordPress for your blog, or Zen Cart for your online store.  There are hundreds of different packages out there.  And for each there are widgets and plugins that add useful functions.  Any and all of these may have security vulnerabilities that are discovered over time.  When good developers discover these problems, they update their software to close that weakness. That does you no good, though, unless you keep your own installation updated to the most recent version.

On a regular basis, then, you should log in everywhere and see if there are updates.  Most sites have a menu option somewhere to check for updates.  Many even check for you and have a notification system when they find a newer version.  Explore the software you’re using, figure out what to look for or what to do to check for a newer version, and then do that often.  Like once a week.  You might be able to get away with checking only once a month or once a quarter, but if you’re vulnerable, you’d like to lock that down sooner rather than later, right?

The Story Continues…

There I was, looking in disbelief at the website.  Clearly something was wrong in a very bad way.  I didn’t know what had happened, or how, or how bad it was.  But I did know one thing: it had to be fixed.  Now.

I started digging around.  In the code.  I’m not a web developer.  I can generally figure out what a bit of HTML or PHP is doing, but I’m no expert.  It’s about the same level as I am with Chinese: I can have a simple, limited conversation but don’t ask me to read a book because I’d have to look up every word.  I can work my way through the code but it’s not fast and it’s not pretty.

The store software was made up of perhaps hundreds of different small files, each working together and contributing a bit of functionality to the whole.  And I found (in multiple files, but not most of them) code that looked like nothing I’d seen before.  My book in Chinese suddenly had Arabic passages in it that hadn’t been there before.

Luckily, I had backed up the site not too long ago, so when I found a file with the weird code in it, I replaced it with the backup.  Unfortunately, as I went back to check, I found that the restored files were being re-infected faster than I could correct them.  I was losing the battle against some kind of obviously automated attack.  I was out of my depth.

Recommendation 2:  Backup!  Backup!  Backup!

I know you’ve probably heard this before, but make a backup.  Your web host’s help files should be able to tell you how to make a backup of your site.  Do this as often as you think you need to based on what your site does.  If you’re making transactions multiple times a day, with frequent new customers, you will want to back up more frequently.  If your website is little more than a digital business card or portfolio (meaning the information doesn’t change that often) a less frequent schedule will probably work.

Something else to look out for: back up both the files and the databases used.  Many sites use both, so be sure you’re getting everything and not just one or the other.

Recommendation 3:  Consider Hiring a Monitoring Service

The conclusion of my story is wrapped up in this recommendation.  After several days of fighting an uphill battle against technologically superior forces, I was just about ready to shut my site down completely.  Just at that time, I got a referral from a friend and signed up at Sucuri Security (my affiliate link) for site cleaning and monitoring.  To this day, it was the best $90 I’ve ever spent for something related to a website.

When I signed up, I gave them access to my site.  Within 24 hours, they had found the vulnerability, locked it down, disabled the bad code within the site, and cleaned up the infected files.  Since several search engines had detected that my site was infected, they had started putting up a warning before letting people go there.  Sucuri let them know they should re-check and remove the warning.

Not only that, but the cost of having them fix it also included a year’s worth of monitoring.  So they check my site regularly to see if anything is amiss and let me know before it gets out of hand.  There was a minor breach some time later which remained minor because of the early warning.

Finally, once it was cleaned up, they also included tips on “hardening” my site against future attacks.  It was a checklist of things to do, each making it just a bit more difficult for a problem to occur again in the future.

And if you’re just curious how your site is doing right now, you can always use their free SiteCheck page to see if they can find any malware, blacklisting by web safety sites, code injections (the thing that got me!), and defacements.

Summing Up (or TL;DR)

Part of your online security plan is monitoring.  You should monitor your software platforms to make sure the software itself, as well as any plugins or themes you use, are up to date.  You should monitor the frequency of your backups.  And you should monitor and fix any breaches that do occur as quickly as possible to minimize damage to your reputation, your company, and your customers.   (And if you use my affiliate link to sign up for Sucuri Security to do that last item, thank you!)

Image source:  No known copyright restrictions.  Modified by Michael J. Coffey.

Posted by Michael J. Coffey  |  0 Comment  |  in Tools & Terms

About Michael J. Coffey

Michael started learning about online marketing as the web store manager for a scrappy little game retailer during the "dot com bubble" of the 1990s. Since then he's helped fitness companies, tea wholesalers and retailers, lawyers, clothing designers, restaurateurs, and entrepreneurs in many other fields. In his spare time he drinks very high quality tea, writes letters with a fountain pen, and reads literature.
