Opt in Security Upgrade
Most of us would like to see hackers behind bars. Sadly, while there are state-sponsored bad actors in play, the situation is likely to become worse, not better, as evidenced by recent attacks in Australia.
On average we help one or two clients a month whose PCs have been hacked. Typically this is people guessing passwords who then steal email contact lists, or, in the worst case, key loggers who can move freely around your PC tracing activity.
Typically we also see the hackers staying quiet until the data is researched and stolen. Once this is done, they will often use the hacked PC to send out a raft of spam mails, which is when it becomes obvious and public. Ransomware may follow, depending on the data gleaned.
On the website front, if hackers get in via a stolen admin password from one of your staff:
- Online payments can potentially be diverted to a new bank account
- Client personal details from orders, application forms and contact us forms (effectively anything held in the online website databases) are accessible.
- The website can be hijacked for propaganda purposes; ISIS used to do this a lot in previous years.
The outcome of this is obviously expensive, and can be severely brand damaging. No one wants to have to tell their clients that their personal information has been compromised and released into the wild.
While we work hard to keep information secure at a global level for clients, the weakest link remains the client staff PCs that are able to use the back end of a website.
To try and address this and help everyone sleep better at night, we are developing two-factor authentication (2FA) for back-end website logins.
We're not using SMS; we are going to a higher level of authentication called TOTP (time-based one-time passwords), think MyGov. This will be set up as a global default setting that will apply to administration users on your site, once installed.
There is a fair bit of work to set this up, and there is a modest cost to arrange it that can either be paid upfront or over 3 instalments. To ensure the process is seamless and easy on your side, we will also assist with training in setting up the 2FA on up to 5 users' PCs, tablets, or phones as part of the charge.
The investment is $1,000 plus GST as a single upfront charge, or three quarterly payments of $360 plus GST, one at the start, then 3 months out, and 6 months out.
This is relatively cheap protection given the potential downside risk, and I would strongly recommend it for clients who have multiple entry points to the back end of their website. We can also install this functionality on WordPress sites.
To get underway you can drop us a quick mail at firstname.lastname@example.org. You are also welcome to give me a bell on my direct line, (02) 8904 7501, for further details.
PS: If this triggers some wider concerns around security, and you would like to have a more in-depth review of your overall cyber security, I can recommend my friend and our client Dougal Hawkes at Total Cyber.
PPS: I've also recently become actively involved with Sam Shetty at Eweb around online performance mentoring and we are getting some good traction from local councils and business associations. You are welcome to find out more about the Growth Clinic Initiative.