Cyber security - What do you do to ensure your website/work is super safe?

Hey there!

I am sure you are aware that there are many aspects to online security, and it would be impossible to outline them all here, but I will try keeping to the bare basics.

Basic Online Security Tips:


1. Use Google Chrome as your primary Browser: A security contest at the CanSecWest security conference in Vancouver earlier this year proved that, in fact, Google Chrome is the most secure browser out there.

2. Do NOT use Internet Explorer for browsing the Internet: Microsoft announced that as of January 12, 2016, it won't provide security updates or technical support for older versions of IE.

3. Use https:// when and where it is warranted: Compared to http://, https:// is a secure communication protocol that encrypts and decrypts user pages to prevent unauthorized access to sensitive data. Basically, it ensures that whatever information you enter (e.g. credit card details), the data collected from you will remain safe and secure.

***Important*** Never reveal sensitive information (personal data, financial information and passwords) on sites that are not protected by an SSL certificate (an https:// protocol, where the 's' stands for "Secure").

4. Do a Google Search on sites that are suspicious: Google is our friend, and a good friend is always there when you need him. Doing a simple Google research can reveal a lot about a site's reputation mainly through community forums(Warrior Forum), blog posts, news sites or even through questions asked on sites, such as Quora or Yahoo Answers.


5. Do NOT ever download anything from websites that offer Instant Virus Removal, System Cleaner or Speed Optimizer services/applications: Basically, there is no way for a website to know if your system is actually infected or not, so all sites pretending to detect such breaches are either SCAM or using some form of dodgy marketing technique that you shouldn't get involved with in the first place.

6. Always enter important URLs yourself: Let's say you receive an email about alleged problems with your Paypal or bank account, and the email has an embedded link in it pointing you to the page where you must enter your login credentials.

Never follow links to important websites, especially to ones requiring you to give out personal details.

Naturally, these really are just the basics. I could mention security tips regarding downloading,browser settings,email, or even computer basics (e.g. I would definitely go with Kaspersky on any and every computer/device...they are simply the best!)


Let me know if you want to know more about any of these aforementioned aspects, and I will gladly help.

Cheers

MM

Here are some tips which are cheaper could help you in the security of your business.
Firstlt make sure your computers are equipped with the latest technology and security software, along with browsers and operating systems this will be a simple step to cover against any viruses and online threats. Make sure to install the software updates timely and you can set it up automatically as well in order to be on top of the security. Run a scan on your computer after each update.
Secondly make sure to use secure WiFi networks, it should be hidden and encrypted. You can do this by setting service set identifier which will hide your router and ask for a password to access it
Everyone in your guineas should follow the basic security practices such as string passwords and using internet in the safest manner in order to avoid any harm. Also how to use customer data safely.
Also use firewall security for your Internet connection , this makes sure outside people cannot access data on the private network enable it on all your business computers. If employees work from home, ensure that their home systems are protected by a firewall as well.
Mobile devices also cause a lot of security threat, they include all the confidential information hence needed to be used with cause set up passwords on it as well, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks.
Backup all the key business data, including word files, spreadsheets, financials, accounts, make sure to back up every week automatically or daily
Take user accounts for all employees, access should only be given to authorised individuals

Also Work with banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used.

Make sure you Don't provide any single employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install software without permission.

Require employees to use strong passwords and change them every three to six months.
Hope the above information is helpful. Ask any more questions if needed

Web security is one of the most important parts of any online business. so some of security tips i share with you

Stay up to date with software
Use strong, encrypted passwords
An SSL certificate not only marks you as a trust website but can boost your search engine rankings
CDN networks offer you an extra layer of security against brute force attacks as well as improving speed and user experience
Installing firewalls and web security applications are quick ways to prevent most malicious attacks
Be careful how much information you give away in your error messages
Input sanitization can protect against some of the most common types of attacks
The correct file permissions will make sure you don’t expose vulnerabilities in your website

all your discuss are very helpful to check again my website. but as @anayb told: no server is safe, it broke anytime.

Besides avoiding common human errors with MarketMeh's tips and keeping up with cyber security news (Wired anyone?), you can't really avoid extra help from technology. Anti-virus software helps to keep your computer files clean and network security (firewall) guards your computer from malicious traffic.

However you mention that you have a website, so picture that as a whole new layer, accessible from anyone else's computers. That's the web application layer, and most web attacks can be deflected with a web application firewall.

It detects malicious activity on your site, such as hackers trying to inject exploit code into your site without you knowing and gaining access to your customer data/files. SSL is also a requirement for PCI-DSS compliance if you're collecting payment information on your site.

Cracking your password is honestly just the most basic of ways to hack your site. If you use plugins, even updating them regularly doesn't stop hackers from exploiting undiscovered vulnerabilities.

Cloudbric WAF is what I currently use and they've very recently begun to provide ssl to all sites. Besides that I recommend keeping your backups automated.

If you have a database to protect as well, look into database encryption