Generally, business owners tend to believe that their website is being backed up, that it is actively maintained by their hosting service, and that the service will keep their site protected, up-to-date and operational. However, that’s probably not the case.
“Site backup and updates likely are not being provided by most hosting services,” says Marling Engle, founder and president of Metisentry. “That’s not something many people know until there’s a problem that costs them valuable data, a first-page search ranking or customers’ trust.”
He says the largest, most commonly used cloud providers don’t offer site backup as part of their basic packages. This leaves many owners and their developers to perform regular software updates, most of which are critical security patches. Unless an owner knows to ask someone to regularly check for and install this software, his or her website is left vulnerable.
“A good host is a site owner’s unsung hero because sites are constantly under attack. Having a service that keeps sites safe is critical for preserving these valuable assets.”
Smart Business spoke with Engle about what to look for from a hosting service.
What are the risks associated with not regularly backing up or updating a website?
Sites are extremely vulnerable to compromise if they’re not up to date. The effect of a site being compromised can be a dramatic drop in search ranking. Sometimes a site can’t regain its place among the top results, which means less exposure, which means losing business to competitors who now rank higher.
Companies also lose credibility when their site is compromised. When customers visit a company’s site and see inappropriate or unusual material, they’ll leave and might not come back.
E-commerce sites that are compromised could result in a loss of leads and customer information. And in e-commerce, a security breach is considered fraudulent activity. It damages customers’ trust, and that leads to a great deal of hesitance or outright refusal to purchase through a business’ site.
What is important to understand about backup and security?
Backup has two components. The first is retention, the quality of which is based on a company’s ability to go back in time to an uncompromised version of its website and the speed with which that version can be restored. If a site is compromised on a Friday and the company finds out on Monday, it needs to be able to recover enough data preserved from the earlier version to restore its site.
The other aspect of backup is security, which is largely predicated on a site being up to date. Software updates eliminate exploitable vulnerabilities that would otherwise allow bad actors to breach a site.
With those two issues addressed, the hosting environment can be considered. A server’s firewalls can filter and clean traffic before it reaches a site’s code. If both are hardened, they can prevent attacks, even to sites that aren’t as secure as they should be. A good hosting environment is another layer of protection.
What does full stack mean and what advantage does it offer?
Full stack means working from the server up through the application. Full stack developers can build the server environment and write, update and manage the application. For businesses, working with a full stack developer means having access to a broader range of development skills that essentially equate to a one-stop shop — companies present a design concept and the full stack developer builds, hosts, manages and scales it while providing backup and ongoing security.
What other services should business owners discuss with potential hosts?
What often isn’t considered is access to subject matter experts. Working with a hosting partner with a staff that has experience can mean talking to an engineer who has been working in systems for 20 years — someone who can solve problems and restore services fast.
There have been several damaging attacks perpetrated against businesses’ websites that have caused them to lose valuable data. Understanding what services are critical to keeping a site secure and operational is the first step to finding a good hosting partner.
Insights Cybersecurity is brought to you by Metisentry