SFTP

SFTP (Secure File Transfer Protocol) is an updated secure variation of FTP(File Transfer Protocol). Basic FTP is not fully secure, in that the files being transferred could possibly be intercepted by an outsider. In fact, the perpetrator can even change the data within the files, and view the files discreetly without disrupting their path. With SFTP you’ll have an extra layer of security since the files will be encrypted using government standard 128-bit encryption.

SSL

SSL (Secure Sockets Layer) is extremely crucial for any ecommerce site. With SSL all private information such as credit card/bank account information, phone numbers, addresses, and email addresses are kept private. Without this kind of security measure in place, you and you’re customers are being left susceptible to credit card fraud and identity theft. In many cases the credit card information can be stolen instantly, and online purchases can be made before the cardholder even knows what hit them. Aside from the lack of security that is associated with not having SSL enabled on your server, you’re also going to lose business. Every site with SSL enabled receives an SSL certificate which is then placed on the checkout page. Many customers look for this when shopping online, and will refuse to shop with you if you do not have this certificate.

Data Backups

Many people realize the importance of backing up their personal computer, however the importance of backing up your websites files is often overlooked. A lot of work is put into building a website, as I am sure you are probably aware of, and you may find it shocking to learn that all of this information can be wiped out and lost forever in just one hour. If you do not backup your data, this data loss would be permanent, and you would literally have to start back at square one! If you want to keep this from happening then you will need to make sure you choose a web hosting plan that automatically conducts routine server backups.

Overall Network Security

When choosing a web hosting plan, the above factors are definitely of great importance. However, there are many more important aspects to consider in regards to overall server and network security. To ensure the safety of your website and your online business, you’ll need to choose a web hosting solution that is reputable and known for having top notch security.

Related posts:

• March 6, 2009 – SSL For Your E-commerce Site
• February 25, 2011 – The Benefits of Using Multiple Domain Hosting for E-Commerce
• October 20, 2010 – Web Hosting Security – Difference Between SSL, TLS and SSH
• July 15, 2009 – How to Install osCommerce and Activate SSL Through cPanel
• November 21, 2008 – VeriSign Passes a Tremendous Milestone
• November 7, 2008 – SSL for Your Online Store
• September 1, 2011 – Premium Web Hosting and Security Features Available in the Public Domain
• July 29, 2011 – Is SSL Essential for eCommerce Sites?
• April 13, 2011 – Using Captcha Scripts to Prevent Spam
• March 18, 2011 – Securing Windows for Web Hosting Safety

Credit Card Fraud

The internet is a massive virtual marketplace, swarming with merchants, customers, and people who would like to take advantage of both the merchant and the consumer. The people looking to exploit any security fault they can are commonly referred to as “hackers.” Hackers see the web as an opportunity to  prey on the weaknesses of other individuals and companies. A vulnerable website makes an ideal target for these hackers, especially if the website is engaged in daily e-commerce. Many of them have access to highly advanced applications that are capable of telling them if there any “loopholes” they can exploit. Any online store they can find with a single security lapse will become a feeding ground for them, resulting in thousands of dollars stolen form your customer’s credit cards. Once the hacker has the credit card details of your customer’s, the situation becomes progressively worse. Of course, the customer is going to be inclined to believe that you are the thief, and they will not want to accept the fact that you are actually the victim. This kind of situation can result in lawsuits, and even the loss of your online business!

Bot Rings

Then there is the possibility of a horrid “DDoS attack.” A DDoS attack is a security exploit that is normally employed by criminals that are members of or have control of  “botnets.”  DDos stands for “Distributed Denial of Service.” A bot ring is a group of hackers, or programmed computer’s that are set up to carry out a specific task. A DDoS attack is executed by a botnet that continually floods the network with DDoS requests. As the network is flooded with requests, it slows down until ultimately traffic screeches to a halt. Even though the DDoS attack is one of the oldest online security exploits, it is still extremely difficult to prevent because of it’s organic and seemingly genuine nature. Once the server’s traffic has been affected the hacker then takes control of the server, using it as a puppet to find   other vulnerable servers. Once the hacker has gained control over several servers, they then begin their attack on the target of their choice.  To prevent your business from being a victim of one of these attacks, make sure you discuss this threat with any prospective web hosts, to be sure they are aware of this threat.

Malicious Software

Then there are the threats that pose a virtual risk to the web hosting providers. Hackers may attempt to attack a web hosts server or network with a malicious application designed to retrieve crucial information.  This malicious software is called “malware” ( a combination of the two words).  While server’s generally have more stringent security measures in place, they are still susceptible to the same threats that a personal computer may be faced with.  You can avoid these kind of security lapses by  ensuring that your prospective host takes the proper precautions to defend against all forms of malware. Do not be afraid to ask questions about the security measures they have in place, before hand.  It is important to remember that once the web host’s server is compromised to malware, every bit of information on the server can be accessed, including your web site’s financial data.

Related posts:

• February 26, 2010 – PHP and Common Web Hosting Security Issues
• January 23, 2009 – The Dangers of Insecure Web Applications
• June 16, 2010 – Protecting Your Site from DDoS Attacks
• January 20, 2010 – Maintaining Website Security for Customer Satisfaction
• January 15, 2010 – Website Security: Avoiding Downtime That Results in Loss of Profit
• May 7, 2009 – Protect Your Site From Maliciously Activities
• January 13, 2009 – How to Find Secure Shared Hosting
• December 14, 2011 – Avira Antivirus Features
• November 17, 2011 – Clickjacking: What is it and How You Can Protect Yourself?
• September 9, 2011 – Several Security Risks and How to Avoid Them

What is an SSL Certificate?

Secure Sockets Layer or SSL, is a security protocol that enables encrypted communications between the customer’s web browser and the server your store is hosted on.  This is accomplished by what is known as a handshake, a process where the server’s identity is confirmed and a secure connection created.  SSL typically offers 128-bit encryption, formulated by an algorithm which generates a key that is virtually impossible to crack.  An SSL certificate shows that your site is secure and safe for shopping.

How to Get a Certificate

SSL certificates are offered by entities known as Certificate Authorities, with the most popular being GoeTrust, Thawte and Verisign.  For the most part, these authorities provide certificates that give you the same level of security.  A single certificate can encrypt the data traveling between the server and each of your customers’ web browsers.  The average online storefront can get adequate protection from a basic SSL certificate.  You also have the option to purchase additional services to strengthen the level of security.

Installing the Certificate

Although many web hosting providers offer SSL certificates as add-on products, you typically have the freedom to incorporate one purchased from a third-party vendor as well.  In most cases, you can learn how your SSL certificate is to be installed via the instructions in the control panel software or by contacting the host’s technical support department.  Some of the most advanced control panels even allow you to incorporate an SSL certificate directly from the interface.  Once installed, the certificate is automatically enabled.  You will know it is activated when noticing “HTTPS” in front your URL rather than “HTTP”.

Designing for SSL

The design of your site is very important when implementing an SSL certificate.  In order for your web pages to be viewed as secure, all scripts, graphics and media elements must be deemed secure as well.  You have probably visited web sites where a warning displays stating that some of the elements of a particular page are not secure.  These messages are prompted when external elements of a web page are not called using the HTTPS protocol.  In many cases, the certificate is valid and secure but the page isn’t designed properly for SSL.  All the external elements of your page must be called using links that include the full URL.  One simple graphic that doesn’t use HTTPS will generate a “not secure” error.

Conscious online shoppers are increasingly looking for SSL certificates and if you don’t have one, you are missing out on a lot of business.  You can have some of the most beneficial products online but if no one feels safe buying them, they will hesitate to proceed with the transaction.

Related posts:

• November 21, 2008 – VeriSign Passes a Tremendous Milestone
• March 11, 2010 – Top 3 Important Aspects of Web Hosting Security
• July 17, 2009 – Securing Your Business Website in Three Easy Steps
• November 28, 2011 – Bit-Defender Internet Security Review
• August 4, 2011 – Secure Shell Security Tips
• July 29, 2011 – Is SSL Essential for eCommerce Sites?
• February 25, 2011 – The Benefits of Using Multiple Domain Hosting for E-Commerce
• October 20, 2010 – Web Hosting Security – Difference Between SSL, TLS and SSH
• February 23, 2010 – Selecting a Suitable eCommerce Plan – Key Features
• November 30, 2009 – SSL vs. TLS: Which Provides the Best Protection?