Hello again #HasheFollowers!
What has Hashe done this week? Well, Stay tuned, because #FunTings abound.
What shall we discuss today? Website security, Cookies, and Privacy
“What is website security? Website security is any action or application taken to ensure website data is not exposed to cybercriminals or to prevent exploitation of websites in any way” (Tammany, 2018).
There are 2 aspects to web security: the Infrastructure level and Application level. The infrastructure is the website itself, the ideas, the core of what you are trying to protect. The application level has two stipulations, that there are separate security mechanisms for web applications and mobile applications. The web applications have a security feature checklist of do’s and don’ts, requirements and double-check features, to ensure that a website has a strong level of security as a minimum.
Website security protects your website from a number of malicious threats. A few are DDoS attacks, malware, blacklisting, exploitation of vulnerabilities in your system, and defacement of intellectual (and possibly physical) property. This is what each threat means:
“DDoS Attacks: These attacks can slow or crash your site entirely, making it inaccessible to visitors.
Malware: Short for “malicious software,” malware is a very common threat used to steal sensitive customer data, distribute spam, allow cybercriminals to access your site, and more.
Blacklisting: Your site may be removed from search engine results and flagged with a warning that turns visitors away if search engines find malware.
Vulnerability exploits: Cybercriminals can access a site and data stored on it by exploiting weak areas in a site, like an outdated plugin.
Defacement: This attack replaces your website’s content with a cybercriminal’s malicious content.” (ibid).
Four main reasons why every website needs security:
1. Think of security like a transaction between you and your landlord. They provide the housing, but You have you lock your own front-door; otherwise what is the point of finding, renting, decorating, setting up, and moving in at all?
2. Website security is cheaper than a cyberattack. I’ve said it before, and we’ll say it again. It is not worth not having security as “[c]yberattacks can cost small businesses as much as $427 per minute of downtime” (Tammany, 2018).
3. Reputations remain intact, and so does your customer list. If your site is protected, then everything you want to be on your site is there and vice versa. If your website is compromised in any way, “[s]tudies show that 65 percent of customers who have had their information stolen by a compromised website won’t return to that site” (ibid).
4. Malware or malicious software, and the existence of a cyberattack can be difficult to even register. Malware can be subtly embedded into a website and concealed, so your website may be infected and you may not even realize it (ibid).
Cookies. What can I say about cookies?
Well, cookies can be helpful (in fact, most are designed to be), but they can also be malicious. They are delicious in real life, if you’re lucky, and complicated on the Internet, regardless. Simply, cookies accept that information that you give voluntarily. Most often cookies are used for storage, to save images from the website that’s issuing them, so it doesn’t take as long to load, and it doesn’t have to be retrieved all the way from the server. The time saved has a big enough margin that everyone does it and deploys cookies.
Bad cookies though, they can really ruin your website, mess up your code, and leave again without your ever knowing they were there, and/or that you gave access to them. Bad cookies can store malicious software on your computer, on your server, and can then infect the rest of your online network. They can open back-doors and just sit there and gather information like a spy, while sending all that proprietary information back to where it came from in the first place. Then think further, all this could be happening and you could not even know it, or it could have already happened and you would never find out.
All this though, is Not meant to scare you, but inform you of the dangers out there, and to remind you to be secure. Not having website security is like building the house of your dreams and then going to sleep with the front door un-locked. Now, read this fact: There is a hacker attack every 39 seconds (Milkovich, 2018). Think about this: Every. 39. Seconds. Now imagine your website or application being hacked because of laziness or a simple mistake. Do not let that happen. Contact Hashe on our ‘Contact Us‘ Page and ask for help. Asking for help never hurt anybody.
What does Hashe do in terms of website security? What measures do we have in place?
We have quite an extensive security check list that we have to follow while we’re coding, what to do, not to do, and what to look out for. Some examples are cross site scripting, insecure direct object reference, ClickJacking Techniques, and more. You can make your list too with a little help and some research. Hashe is always there to help, just head over to our Offshore page and ask.
Now we know that there is a hacker attack every 39 seconds. Simply too short a time to conceive. What you may not know however, is that by 2020 there will be roughly 200 billion connected devices (Milkovich, 2018). By these numbers, the amount of opportunity cyber-criminals will have is basically unlimited. Hack after hack, and try after try, and time after time, the risk is just too high not to have website security. So, moral of the story people: Lock your Doors, whether your house is digital or corporeal.
Check out our Social Media Pages:
- Facebook: https://www.facebook.com/hasheCS/
- Instagram: @hashe_official
- LinkedIn: https://pk.linkedin.com/company/hashe-computer-solutions
- Twitter: https://twitter.com/hashe
Signing off, #HasheFollowers
#TeamHashe Bids you Farewell and Good Health
Adiós, À bientôt, Ciao, Until Next Time
Milkovich, D. (2018). 13 Alarming Cyber Security Facts and Stats | Cybint. [online] Cybint. Available at: https://www.cybintsolutions.com/cyber-security-facts-stats/
Tammany, J. (2018). What is website security? – The SiteLock Blog. [online] Sitelock.com. Available at: https://www.sitelock.com/blog/what-is-website-security/