Unsecure websites are vulnerable to attack. Keep your business and customer information safe by working through the steps on the checklist below.

Steps to work through yourself:

  • Create a long and strong login password
    Use a passphrase of four or more words that’s different from other services.

     

  • Turn on two-factor authentication (2FA)
    Adds a second verification step for stronger security.

     

  • Keep your software up-to-date
    Regularly update CMS, plugins, modules, and web server tools.

     

  • Back up your business data regularly
    Store backups securely and offsite for quick restoration.

     

  • Create an incident plan
    Have contact info and recovery steps prepared for quick response.

     

  • Report cyber security incidents to CERT VU
    Get professional advice and help prevent future incidents.

Steps to work through with your IT provider:

  • Enable HTTPS on all pages
    Ensure all website pages, including CMS, use HTTPS.

     

  • Set up to receive alerts
    Get alerts when changes are made to the website or CMS.

     

  • Check your CMS
    Confirm that 2FA and alerts are still set correctly.

     

  • Follow cyber security best practice
    Ensure changes follow OWASP security techniques.

     

  • Check you still need all the plugins
    Remove unused plugins to reduce security risks.

     

  • Get Payment Card Industry Data Security Standard (PCI DSS) compliant
    PCI DSS ensures safe and secure transactions. Avoid handling payments unless your system is compliant.

 

  1. Download Document (French): Sécurisez le site web de votre entreprise
  2. Download Document (Bislama): Protektem websaet blong bisnis blong yu