We’ve spent a year protecting ourselves, but what about our data?
Let’s not beat about the bush, it’s a been a bit of a strange year. Face masks and distancing became ‘normal’, and as for what the next few months hold… well, that’s still anyone’s guess.
Have we learnt anything in this strange time though? Some would say they’ve learnt not to trust politicians, or local or national Government, but that’s not really the road I want to go down right now…..
Back in March 2020 several people said – or at least thought – “it will all be over in a few weeks” and put parts of their normal routines on hold for that time. Ian Dickson‘s advice at the time was “plan on this lasting six to eight months”. Some no doubt laughed, but many people I know took this advice and planned accordingly. Whichever school of thought you subscribed to here though, one thing was common for us all: no one knew how long it would last or what would happen. I dare say it’s often like that in a lot of businesses, organisations, even families.
We adapted to doing things differently. For some this was harder than others. I’ve been advocating, practicing and facilitating remote/home-working for almost twenty years. I used Zoom before most people had even heard about it. In many ways I had it easy, but not everyone did. I had the privilege of helping some people transition to working differently, of helping businesses change their focus and way of working (hate the P word), and watching some thrive over the past year. I’ve also seen some former colleagues and friends slide away into the background, sometimes their businesses too.
We put more effort into protecting ourselves. Washing hands, social distancing, wearing masks, and now vaccinations. We stopped doing things that could have a higher risk (not necessarily through choice, but generally for the right reasons) and got to know the insides of our homes much better.
But what about our data?
Throughout this period of putting more effort into protecting ourselves, I’ve had several failed hard drives come in for repair and recovery, and been called upon to recover a number of hacked websites too. It’s left me wondering what it would be like if we applied some of the lessons and changes of the past year to our digital lives as well as our personal lives.
The simple takeaway is backup, backup, backup. Whether it’s the files on your computer, the photos on your phone, the USB stick that you carry around, your emails, your website… whatever digital data you rely on: backup!
Washing hands. Two minutes isn’t long in the scheme of things, and a squirt of hand sanitizer here and there doesn’t really eat into our productivity. Yet we so often pull a USB memory stick thing or external hard drive out of it’s slot without making sure the computer isn’t still accessing it – the quickest way to cause corruption and data loss. We don’t save out work as we go along ‘just in case’ (goes and presses save draft). We don’t install the updates for software we rely on, or the themes and plugins on our website… You get the idea: quick and simple steps that can help prevent bigger problems.
Social distancing. We became wary of other people getting too close, but make little effort to protect ourselves with unique/complex passwords as we know we should. We’d wipe down the handles of a supermarket trolley but not run an anti-virus scan on our computer or website. We’d limit the number of people we were with, yet some web designers and hosts will put multiple websites onto a single account, so that if one gets breached the hacker has access to spread their virus or malware to them all. I’ve seen it happen sadly.
Wearing masks. The barrier to help prevent the spread of the virus, stopping it from getting in (or out, or both… let’s leave the exact science and questions about type and filters to one side for now for the sake of the analogy, thanks). In the digital world the obvious equivalent would be a firewall. Windows has one built in. Your router may too. Does your website? We install WordFence on all WordPress sites we manage, and one site reported over 500 blocked access attempts one afternoon last week. Someone was clearly intent on causing some damage to that site. They couldn’t. We also recommend CleanTalk to protect against spam submission on contact forms and comments.
Prevention is better than cure – we’ve all heard the adage, and it’s so true in these examples. Last week we were called upon to look at two websites that had been compromised. One client hadn’t even started to build anything on their site at the time, but it was redirecting visitors to malware. Given that there was nothing on there the quickest and safest option was to just delete the files and start again. The other was a well-established business site with content that had been built up over a number of years. Someone had gained access, edited the content of files, installed others, and the net result was that the site was no longer accessible at all. We were able to restore the entire site within a couple of hours, but had there been a backup in place it would have taken ten minutes.
Practical Steps
Right, enough wittering on: what steps can you take to protect your data?
- No matter what else, take regular backups of your data. If your site is hosted with us you have access to manual backups in the Hosting Control Panel and can take your own backup at any time. If you are on a Managed WordPress plan (CloudHost Connect) then we are running regular offsite backups for you.
- Keep each website in a separate hosting account so that others aren’t vulnerable if one gets compromised. It can mean paying slightly more, but we can sometimes negotiate on the cost of additional hosting accounts.
- Have a Firewall and other protection in place. Most Hosting providers will have some level of protection on their network already – do check and make sure it’s enabled. If you are using WordPress, install and configure WordFence to help protect the site for you… again, if you have a Managed WordPress plan with us then you’re already covered, and CleanTalk can be added if needed.
- WordPress is the most common CMS, and therefore the one that hackers prefer to target. It’s really important to make sure that the core code, themes and plugins are kept up to date. (Yes, we can…)
- Check who has access to your website and hosting account. Remove people who no longer need access and make sure that passwords are unique, complex, and changed regularly.
Help if you need it
If you have any concerns about your own website, hosting or computer then get in touch and let’s see explore what might need to be done.
Extra WordPress tools on CloudHost.One™
If you have WordPress Hosting on our platform you also have access to some additional tools in your Hosting Control Panel that can help keep the site safe and secure.
You can quickly see which Plugins and Themes are installed and enabled, and can deactivate them if needed from the Control Panel (this can be helpful if one is causing problems). Users can be viewed, added, edited or removed from here also.
If you are looking to make changes to your WordPress site, our 1-click Staging environment can be a huge help. It will create a copy of the site so that you can work on changes without affecting the live site, and once you are ready you can then push all those changes from the Staging site to the Live site in a single click.
Finally, the Checksum Report checks the core files of the WordPress installation and determines if they match those of the official WordPress core repository. Should it find any possible problems you’ll be alerted, and can then fix those files. (You may want to also take advantage of the Malware Scanner further down the page too!)
Recent Comments