Cyber security threats are constantly changing. It is important to stay on top of emerging trends to keep your insurance agency website secure. A secure website not only protects your customers, it protects your brand. Here are the six top tips to help you keep your insurance website protected.
- Be Cautious When Creating Login Credentials
Giving someone access to the back-end of your website is sort of like giving someone a key to your business. Maintain caution when giving someone login access and always keep login access to the minimum amount of people necessary to keep your website up-to-date.
- Update Security Patches, Limit Password Attempts, Use Malware Protection Software
One of the most proactive ways you can keep would-be hackers at bay is to keep all aspects of your website’s code updated. When security patches, plugins, or dependency updates are released, install them as soon as possible. Hackers are constantly looking for code weaknesses. When one is discovered it is typically patched by the code developers as quickly as possible. The sooner you update your code the sooner you remove a threat that’s accessible to thousands of hackers. It is extremely important for all insurance websites to use a malware detection and prevention solution, and limit password attempts.
- Create a “We’ve been hacked” Response Plan
Even the best attempts at keeping your site from hacking can fall short. It is absolutely imperative you have a response plan. Audit logs, backups, and contact information for IT support should be included in your response plan.
- Collect Detailed Activity Logs
Make certain you have access to log reports on all back-end website functions, to help pinpoint issues when a breach occurs. Every login attempt, page adjustment, code adjustment, and plugin addition should be logged with user time stamps.
- Perform frequent backups and keep a copy of recent backup data off premises.
Backing up your website should be an integral part of your response plan, and some hosting providers offer daily backup services. How often you need to backup your website will depend on how often you update it. When your insurance agency backs up your site, save a copy of the backup off of your server in easily accessible cloud storage. If your host is hacked and the server’s contents are compromised, you will have an unaltered version stored out of the hands of hackers.
- Train Users on How to Stay Secure
Once you have your Cyber Security plan enabled, train all users on how to stay safe and prevent attacks. Educate users on how to generate very strong passwords and keep them safe by using a password manager, recognize email phishing scams, and how to encrypt emails that contain sensitive information. What’s a strong password? Today, use at least 10 characters, with alpha (including a cap), numeric (random not a sequential string), and special characters (exclamation, etc.). Many website platforms such as WordPress, will generate and/or measure the strength of your password.
To protect your website, start with the basics above, then determine if you have the expertise to continually stay abreast of potential cyber attacks. If not, consider outsourcing this initiative to a proficient web hosting and development company or insurance marketing agency.