26 March 2022 by DigitPipe

Security is a cat and mouse game. We keep looking for more ways to defend ourselves, and hackers keep coming up with new ways to get around our barriers. That's why it never stops: we always have to keep thinking to stay ahead of hackers.

In this article we describe some of our security measures, so that you can implement them yourself.

 

1. Principle of least privilege

The principle of least privilege is a commonly used term in information security. It means that every process, every user, and every program should only have access to what is absolutely necessary. This is not because we do not trust the users or software, but because, should a hacker find a backdoor in the software or gain access to a user account, we ensure that he is slowed down as much as possible from there.

This measure can be applied quite broadly, at every level of a system. For example, think of rights on the file system, ports that are allowed by the firewall, or a database user account that only gets rights to the database that the account needs.
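To make the file-system case concrete, here is an added example (not DigitPipe's own tooling) that audits a directory tree for entries that grant more access than needed. The list of sensitive file suffixes and the sample web root are assumptions constructed for the demonstration.

```python
import os
import stat
import tempfile

# Assumption: file names with these suffixes hold secrets (keys, credentials).
SENSITIVE_SUFFIXES = (".env", ".key", ".pem")

def find_overly_permissive(root):
    """Return sorted (path, reason) pairs for entries granting more access than needed."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not enforced
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                # Sticky-bit directories (like /tmp) are deliberate shared space.
                if stat.S_ISDIR(st.st_mode) and mode & stat.S_ISVTX:
                    continue
                findings.append((path, "world-writable"))
            elif name.endswith(SENSITIVE_SUFFIXES) and mode & (stat.S_IRGRP | stat.S_IROTH):
                findings.append((path, "secret readable beyond its owner"))
    return sorted(findings)

def demo():
    """Build a constructed web root in a temp directory and audit it."""
    layout = {"index.html": 0o644, "upload.php": 0o666,
              "db.env": 0o644, "private.key": 0o600}
    with tempfile.TemporaryDirectory() as root:
        for name, mode in layout.items():
            path = os.path.join(root, name)
            with open(path, "w"):
                pass
            os.chmod(path, mode)
        return [(os.path.relpath(p, root), why)
                for p, why in find_overly_permissive(root)]

if __name__ == "__main__":
    for rel, why in demo():
        print(f"{rel}: {why}")
```
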

 

2. Use up-to-date software

It is very important to update software regularly. New vulnerabilities are regularly found in applications. These are often patched quite quickly by the software developer, so it is important that this patch is applied to your system as soon as possible by means of a software update. If the patch announces that it fixes a vulnerability, then we are not the only ones who see it. Hackers also read the news, and they know that not everyone patches their system at the same time.

 

3. Use encryption

The use of encryption when sending and receiving sensitive data is of great importance. Otherwise, a hacker can manage to sit between the sender and the receiver by means of a so-called "Man in the Middle attack" and intercept data. If that data has been encrypted, it can still be intercepted, but then no one can make sense of it, since only the real sender and receiver have the key to decrypt the data again.

For websites, encryption is done with an SSL certificate and an HTTPS connection. You will then see a lock in your browser. At DigitPipe we will always automatically request a free Let's Encrypt certificate after creating a web hosting package. We have also disabled the insecure e-mail protocols so that it is only possible to send and receive encrypted e-mails.

 

4. Read the news

As I mentioned in the beginning, security is a cat and mouse game: new ways to circumvent security measures are constantly being sought. That is why it is important that you also stay informed of developments.

 

5. Use a strong and unique password

This measure is perhaps the most important. Many people use the same password for everything, and it is often a password that is way too easy, for example the name of your pet with the date of birth, with an exclamation mark at the end to make it a bit more difficult. If you're thinking "oh...that's my password", I'd change it quickly, because I'm not the only one who guessed it.

It is best to use a separate password for each account (each site). Sometimes a large website is hacked, and then your password is out in the open. If you only use that password for that site, that's manageable: just change it. But if you use that password everywhere, you have a big job.

Also, always use a completely random password with uppercase, lowercase, numbers and special characters. This way you ensure that your password is never guessed. A password manager like Dashlane or LastPass can generate and store these passwords for you, because if you have a separate random password for everything, you can't remember them all.
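As an added illustration (not code from DigitPipe or from any password manager), the sketch below shows how such a random password can be generated with a cryptographically secure source, and how the predictable "name + date + exclamation mark" shape can be flagged. The special-character set, the default length and the sample weak password are assumptions.

```python
import math
import re
import secrets
import string

# Assumption: this set of special characters is accepted by the site.
CLASSES = (string.ascii_uppercase, string.ascii_lowercase,
           string.digits, "!@#$%^&*()-_=+[]{}")
ALPHABET = "".join(CLASSES)

def generate_password(length=20):
    """Draw every character from the OS CSPRNG; retry until all classes appear."""
    if length < len(CLASSES):
        raise ValueError("length too short to contain every character class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate

def entropy_bits(length):
    """Upper bound on the entropy of a uniformly random password over ALPHABET."""
    return length * math.log2(len(ALPHABET))

def looks_predictable(password):
    """Flag the 'word + digits + optional !' shape described above."""
    return re.fullmatch(r"[A-Za-z]+\d{2,8}!?", password) is not None

if __name__ == "__main__":
    print(generate_password(), f"(~{entropy_bits(20):.0f} bits)")
    print(looks_predictable("Fluffy1990!"))  # constructed weak sample
```

The `secrets` module is used instead of `random` because `random` is not designed for security purposes and its output can be predicted.
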

 

6. Use 2 factor authentication

2 factor authentication means that you have a 2nd way to authenticate. In addition to your password, you then have to enter another code, which you can then see in an app or receive by SMS, for example. This is a code that changes every time, making it very difficult to get your hands on it.

Many sites offer an option for 2 factor authentication. With us, this can also be enabled on your customer panel.

 

7. Provide backups

This isn't exactly a security measure, but rather something to have on hand should a hacker manage to gain access. Your data may already be in the wrong hands, but then you at least ensure that you cannot lose your data yourself.

Ransomware is often used by hackers. Your files will then be encrypted and you can have them decrypted for a large amount of money. If you have a backup, you can restore the backup without paying and you will have your data back.

It is of course important that you think about how you make the backup. It is wise to set up multiple types of backups. At least one backup should never be accessible from the system being backed up, otherwise there is a chance that your backup will also be encrypted, and you will lose all your data.

 

Finally

Those were the tips. As you can see, we should always be actively involved in security. Do you have a website yourself, and you don't feel like dealing with it constantly? Then choose web hosting at DigitPipe. We always implement all the above measures ourselves. You are of course responsible for using a strong, unique password and 2 factor authentication.