Cyber Security

Automatic WordPress Updates – The Pitfalls

WordPress updates and website maintenanceHere’s a great example of why automating updates in WordPress is only smart for non-business websites. As I write this, one of the WP plugins published by Facebook just released an update with invalid code.

Not just a bug — code so wrong that it crashes sites. Code that wouldn’t have passed basic testing.

I’m sure “Facebook for WooCommerce” will be fixed promptly. However, over 900,000 online shops use it. If they were all running automatic updates, almost a million shops would be offline right now.

Other WordPress Update Problems

This comes on top of the GADWP fiasco earlier this year, too. In that, ExactMetrics changed the nature of their popular plugin without warning, through an “update”.

Version 6 of the “Google Analytics Dashboard for WP” plugin was “redesigned from the ground up”.… Read the rest “Automatic WordPress Updates – The Pitfalls”

Can A VPN Improve Small Business Cybersecurity?

Can a VPN improve small business cybersecurityAll businesses today should recognise the importance of having an effective cybersecurity policy in place. Data breaches seem to be constantly in the news. Whilst those tend to be high-profile cases like TalkTalk and British Airways, small businesses frequently suffer data breaches too. In recent years, Virtual Private Networks (“VPNs”) have become quite common for home use — so can a VPN improve small business cybersecurity?

Well, yes — but let’s cover the basics before examining the business benefits of a VPN.

What is a VPN?

A VPN is a private network (within the public internet) that enhances your online privacy by:

  • Giving you a temporary IP address when you go online
  • Encrypting data transfers between your computer and other online resources
  • Wrapping that data inside other data to keep it even more private (called “tunneling” or “encapsulation”)

An IP address is the numeric address of your computer on the internet.… Read the rest “Can A VPN Improve Small Business Cybersecurity?”

Meltdown & Spectre Simplified

Meltdown & Spectre cybersecurity vulnerabilities

Meltdown & Spectre

So, 2018 has started with disclosure of two huge cybersecurity vulnerabilities, called “Meltdown” and “Spectre”. These are not like most of the “exploits” that hackers use. They affect almost all modern computers.

Sites like MeltdownAttack.com and Defiant.com (previously “WordFence”) have covered the tech details well. So, here’s a simplified summary of what non-techies need to know.

Why You Should Care About Meltdown & Spectre

Most vulnerabilities affect software. Meltdown and Spectre affect CPUs — the core computer chips — mostly those built by Intel since 1995. So they don’t just affect PCs, or Windows, or Macs, or Linux. They affect computers, regardless of what software or operating systems you use. In short — yes, this affects your computer(s) and phone(s).Read the rest “Meltdown & Spectre Simplified”

It’s All About Trust – Increasing Sales With SSL Security

SSL security trust mark“Trust me.” That’s the most vital message any website can convey. Without trust, visitors just leave.

However, most folks expect to be trusted, even when they’re wary about trusting others. Whilst that’s fine for dealing with folks in person, websites need to plan to build trust. We do that by providing quality content, good service – and “trust marks” like testimonials, “About” pages, Privacy Policies and other reassurances.

Of course, search engines want to promote quality, trustworthy sites, so many of these reassurances can be good for SEO, too. So online, trust doesn’t just enable sales – it actively increases sales.

…and Google just changed the game.

Google’s Great SSL Plan

So, as you may know, Google uses hundreds of signals to assess the quality and trustworthiness of websites.… Read the rest “It’s All About Trust – Increasing Sales With SSL Security”

Anti-Malware Solutions – 5 Vital Elements

Anti-malware solutions“Malware” covers a huge range of threats including viruses, spyware, ransomware and more. So, anti-malware solutions must defend on several fronts. Many include anti-spam and firewall solutions too, as these block common malware sources.

Some operating systems are more secure than others, but nothing can be 100% secure. Malware is built to work around any predictable default protections. So, whilst it’s worth keeping built-in anti-malware up to date, you’ll need more.

Essential Anti-Malware Components

So, what features should you look for in your anti-malware solution? Well, there are five that no system should be without.

1. Anti-Virus

The most obvious requirement is an effective, up-to-date anti-virus system. These mainly handle:

  • Viruses – which need human interaction to spread
  • Worms – which self-replicate.
Read the rest “Anti-Malware Solutions – 5 Vital Elements”

Password Security Made Simple

Password securityPassword security is the first — and often weakest — line of defence against cyber-attacks. Unfortunately, passwords are the cybersecurity measure we all love to hate.

Techies take a lot of flak for implementing password security, but we didn’t invent it. Call them passwords, PINs, keys or whatever you like — they all work the same way: a pattern grants access to a restricted resource. As such, password security measures have existed throughout history and will be around in some form for a while yet.

That said, passwords have never been as common as they are today — and cracking them was far harder without computers. These days, weak passwords only create a false sense of security. So, we all need to know how to use passwords effectively.… Read the rest “Password Security Made Simple”