As more of us embrace the shift to operating our businesses digitally, keeping it secure should be top of mind. Your website contains business and customer information that is valuable to cyber attackers, so it’s worth taking the time to safeguard it.
CERT NZ, the government’s agency for cyber security, outlines the four priority measures to get underway.
An easy way to give your website added security and privacy is to enable HTTPS across your entire site. HTTPS keeps the information transferred between you and your customers confidential by encrypting it. This stops attackers from getting the login details or credit card information that customers submit on your site.
Running a business is hectic. There’s so much to remember and keep track of – from payroll to sales and purchase transactions and stock control. But it’s important not to put off software updates. Updates not only add new features, they fix issues or vulnerabilities that can allow attackers to get valuable information from your website.
If you trade online, you’ll want to get up to speed on the Payment Card Industry Data Security Standard (PCI DSS).
PCI DSS helps ensure the online transactions on your website are safe and secure, and that your customers' card data is protected from attackers. Being PCI DSS compliant means you’re well-placed to avoid a security breach that can result in loss of revenue, customer trust and reputation.
When you registered your domain name you obtained a licence to use that name for the registration period, but you don’t own it. If your domain licence were to expire an attacker could claim it and set up their own scam website selling fake goods or serving malware using your business name.
Keep your domain yours by making sure your registration stays current. Ask your domain provider about auto-renewing your domain.
If you think your business might have experienced a cyber-security incident, report it to CERT NZ.
Report an issue(external link) – CERT NZ