Cybersecurity threats are constantly changing. It is important to be aware of emerging trends to keep your insurance agency website safe. A secure website not only protects your customers, it also protects your brand. Here are the top six tips to help keep your insurance website safe.
-
Be careful when creating login credentials
Giving someone access to the back end of your website is like giving someone a key to your business. Be careful when granting login access to someone and always keep login access to the minimum number of people necessary to keep your website up to date. -
Update security patches, limit password attempts, use malware protection software
One of the most proactive ways to keep would-be hackers at bay is to keep all aspects of your website code up to date. When security patches, plug-ins, or dependency updates are released, install them as soon as possible. Hackers are constantly looking for exploits for popular encryption methods. When an exploit is discovered, code developers typically patch it as quickly as possible. The sooner you update your code, the sooner you eliminate a threat that can be accessed by thousands of hackers. And all insurance websites should use a malware detection and prevention solution and limit password attempts. -
Create a response plan “We have been hacked”
Even the best attempts to prevent your site from being hacked can fail. It is absolutely imperative that you have a response plan. Audit logs, backups, and contact information for IT support should be included in your response plan. -
Collect detailed activity logs
Make sure you have access to log reports on all functions of the backend website, to help identify problems when a breach occurs. Every login attempt, page wrap, code wrap, and plugin addition must be logged with user timestamps. -
Take frequent backups and keep a copy of recent backup data off-site.
Backing up your website should be an integral part of your response plan, and some hosting providers offer daily backup services. How often you need to back up your website will depend on how often you update it. When your insurance agency backs up your site, keep a copy of the backup off your server in easily accessible cloud storage. If your host is hacked and the content on the server is compromised, you will have an unaltered version stored out of the hands of hackers. -
Train users on how to stay safe
Once you have your cybersecurity plan enabled, train all users on how to stay safe and prevent attacks. Educate users on how to generate very strong passwords and keep them safe by using a password manager, recognize email phishing scams and how to encrypt emails containing sensitive information. What is a strong password? Currently, use at least 10 characters, with alphabetic characters (including a limit), numeric (random, non-sequential), and special characters (exclamation, etc.). Many website platforms, such as WordPress, will generate and / or measure the strength of your password.
To protect your website, start with the basics above and then determine if you have the experience to stay on top of potential cyberattacks. If not, consider outsourcing this initiative to a competent web hosting and liability company or insurance marketing agency.