We've been talking a lot about why you need to make your website secure, and for good reason. But today we're going to look at it a little differently. Rather than discuss how it improves your website, we're going to look at why you need it in the first place and how not being secure compromises you.
It's important to understand why hackers “hack” in the first place. Essentially hacking is exploiting a vulnerability on a website for a range of reasons - from just getting an ego boost; through to stealing passwords; stealing data to make public; or to highlight wrong doings.
Usually, when you hear of a hacked website it's referring to spam URL injection where a hacker creates additional spam URL's that leverage the perceived authority and ranking potential of that domain. Google have taken several steps to try and encourage people to move toward more secure methods and now have taken to naming and shaming unsecure websites on Chrome.
So how much does a website hack hurt your SEO performance and rankings
Simply, there is no definite answer. But when you combine data from hacked websites and average it out, certain trends start to show.
- Half the time there is no visible impact to organic search performance
- 30% of studies on this data have shown there is generally a 25% negative impact on your SEO
- That means potentially losing up to ¼ of all your search traffic, and regardless of your business size that can take some time to get back
Google will also quarantine your website which means that when a user goes to visit it, they will see the big red flag message below displayed. This means Google has recognised that your site has been hacked or infected with malware.
How does a website become vulnerable
Most companies will normally pay for a form of 'penetration testing' or security audit when they commission a website. The mistake a lot of people make is that they think the job is done and move on. This is why professional hacking is a career for some. Unless you're running your website on a bespoke platform, you're probably using an open source platform (eg wordpress) which means you're always liable to be at some degree of risk. This is partly because they use plugins that are outdated or not maintained properly, and partly due to the fact that over time vulnerabilities are found in the underlying platform (often as finding common vulnerabilities in highly used software can yield better results). Because these platforms are open source, it means any announcements about their vulnerabilities are open too, and opportunistic hackers will keep a keen eye on these announcements...and so do you. Websites will change over time and are not static. The best way to ensure that your website remains secure is to actively monitor and audit it
When is prevention better than cure?
Well generally, all the time. Fixing hacks and vulnerabilities is not only costly financially, it's also costly to your reputation. Depending on the requirements of your site, there is several different prevention methods available. Rather than using a common place system, you might be better to look at a custom bespoke platform (that adds a level of individuality that can be counter productive to hackers), or, rather than using the most common platform you might be better to invest in another that offers more benefits suited to you.
Ensuring your website security is not complicated, but best to be done by those with the technical expertise to ensure it's correct. If you're unsure of your security, or would just rather be on the safe side, send through your website and we can run the necessary checks and balances for you.