Today, with the proliferation of open-source technologies like WordPress, Joomla and other Content Management Systems (CMS) people around the world are able to quickly establish a virtual presence with little to no cost. In the process however, a lot is being lost in terms of what it means to own a website.
We are failing each other, we are not setting ourselves up for success. We are learning the hard way what large organizations already learned – being online is a responsibility and will eventually cost you something.
What are the impacts of these hacks to your website? To your business?
The Effects of a Hacked Website
If you are a large organization, maybe you can quickly understand the impacts of a hack. Say you’re a Facebook? What would be the value for a hacker? I’d argue a couple of things come to mind quickly – you have what is known as Personal Identifiable Information (PII) – always a good thing, and you have the ability to abuse the largest network in the world and affect millions of users world wide. There are obviously a number of other motivations, but the point is the same. The objective[s] is clear and Facebook knows it, and so they invest heavily in its security. The impacts of such a breach could be devastating, think loss in ad revenue, loss in user adoption, etc… This is all common sense, right? It all just makes sense, but how does that translate to the rest of the online world? The 99% of us that don’t own Facebook-like properties?
This is not their fault. To a certain extent, they do have a point. When you think about it rationally, why would someone bother?
Let’s talk about Four Things you might be aware of, but honestly possibly things you haven’t given much thought to.
Whatever the reason, something has driven you to publish something that you feel is of some interest to someone, and you’re likely right.
In doing so, you have identified a potential audience and as it is on the web. That audience will at some point find your website. Whether you are a local gym posting your gym hours, or maybe a local restaurant showing today’s specials. The subset of people that have found their way to your website expect and demand a safe experience, even if they’ve never uttered the words.
The easiest way to digest this point is to think of yourself. Think of the websites you might spend your days visiting. Now try to fathom your feelings if while visiting a website you lost your life savings. Try to think of what you would feel like if someone stole your identity.
Should we worry about giving your visitors a safe online experience?
Contrary to popular belief, Google does not discriminate. Even if you do not sell, you are likely trying to achieve something. If you’re not, then what are your reasons for publishing online? Establishing a voice, sharing an opinion, or having a presence? What webmasters are almost always worried about is something known as Search Engine Optimization (SEO), more importantly how you rank on the Search Engine Result Pages (SERP).
Safe Browsing shows people more than 5 million warnings per day for all sorts of malicious sites and unwanted software, and discovers more than 50,000 malware sites and more than 90,000 phishing sites every month. – Google
What if I told you that you could lose all the hard work you put in to gain that SEO ranking in minutes? What if I told you that after a blacklist it could take you months to regain your position on these SERPs? What if I told you that a Google Blacklist has the potential to kill almost 95%, if not more, of the traffic to your website?
Regardless of your business, you have a brand. Whether you realize it or not, and regardless of the size of your audience, trust is an important piece of the puzzle. Many take this for granted, but it’s critical to the success of many businesses.
It can take years to build, and minutes to lose. A hacked website is notorious for destroying trust. Whether its a data breach or a drive by download that infects the visitors desktop. The result of either action, or one of many more nefarious acts, will almost always lead to the same thing – a loss of trust in your brand.
Are you okay with your audience losing trust in your brand?
I think it’s human nature to think, “This is not meant for me” or “I’ll just deal with it when it happens.” I can tell you though, from years of doing this work and countless engagements with website owners, the cost of a hack is always more than you can ever imagine. The response I always get is the same, “If I only knew it would be this painful.”
As a species, we are risk adverse when it comes to gains, but risk seeking when it comes to loss… – Bruce Schneider
When I say cost, it’s important to note that it goes far beyond money, although that can be crippling as well.
A question like, What do we do for the security of our website?
I’ll close the point with a note to developers / designers like us as well as clients. Our clients depend on us as their trusted technologists, it’s on us to educate and communicate the realities of having an online presence. Let’s be sure to be doing our part by introducing realistic expectations during the initial engagement process: Yes, the website will require maintenance. Yes, security is something you will be responsible for. Yes, having a website is a responsibility.