How Secure is Your Website?

What do you think of when you hear the words ‘internet security’?

It might remind you that your antivirus software could probably do with updating.

Maybe you’re always forgetting the passwords for your online banking provider.

It’s easy to forget that decade ago many people felt very uncomfortable with the idea of making purchases over the internet.

Internet security can often seem like more effort than it’s worth. We log in to numerous online accounts every day, and the prospect of having different passwords for each one can be overwhelming. It can sometimes appear that those who follow password protocol spend half their working lives trying to reset passwords that they have forgotten.

However, when your internet security is breached, the implications are very serious.

Much like taking out travel insurance or backing up a hard-drive, implementing internet security measures is a high priority when you’ve seen what happens if you don’t!

Here is an example from the Harvard Business Review of somebody taking internet security very seriously. Tom Cochran, who was previously responsible for digital security at the White House (a place where a security breach would be a very serious issue indeed) decided to set up a phishing scam to try and infiltrate his own company.

The logic behind this decision is very straight-forward. It’s been estimated that 91% of all cyber-attacks are caused by phishing (malicious spam) emails. However, most employees are so accustomed to being bombarded with $2,000/week job offers, miraculous performance-enhancing drugs and Nigerians desperate to share their $5m inheritance that we back ourselves to weed out legitimate emails from spam.

However, this is not what Cochran found:

“The only way to affect systemic, lasting cultural change at the company was to make the cost of not changing bad digital habits greater than the perceived cost of changing them.

To do this, I needed to demonstrate the ease at which someone could be scammed into handing over their password by sending a fake phishing email to the entire company. I sent the phishing email on a Friday afternoon and two hours later, I had the empirical evidence. Almost half of the company opened the email, and 58% of those employees clicked the faux malicious link.“

58% of employees were duped, in a media company.

We would encourage you to think carefully about your internet security, taking particular care to safeguard:

  • Your Website. If somebody manages to hack into your site, you face huge complexities in remedying the damage caused. If you’re an E-Commerce business, the cost of several days without trading should be enough to stir you into internet-security overdrive.
  • Your Social Media. When HMV went into administration, staff took to the company’s twitter account to voice their displeasure at being made redundant. If a person has access to your Twitter, Facebook or G+ profiles then they have the capacity to significantly damage your company’s reputation.
  • Your Team. Training your staff to understand and implement internet security helps safeguard against malicious threats and reaffirms the value that you place upon your online communication.
Back to blog