Secure your business website

Unsecure websites are vulnerable to attack. Keep your business and customer information safe by working through the steps on the checklist below.

Steps to work through yourself:

  • Create a long and strong login password
    Use a passphrase of four or more words that’s different from other services.

     

  • Turn on two-factor authentication (2FA)
    Adds a second verification step for stronger security.

     

  • Keep your software up-to-date
    Regularly update CMS, plugins, modules, and web server tools.

     

  • Back up your business data regularly
    Store backups securely and offsite for quick restoration.

     

  • Create an incident plan
    Have contact info and recovery steps prepared for quick response.

     

  • Report cyber security incidents to CERT VU
    Get professional advice and help prevent future incidents.

Steps to work through with your IT provider:

  • Enable HTTPS on all pages
    Ensure all website pages, including CMS, use HTTPS.

     

  • Set up to receive alerts
    Get alerts when changes are made to the website or CMS.

     

  • Check your CMS
    Confirm that 2FA and alerts are still set correctly.

     

  • Follow cyber security best practice
    Ensure changes follow OWASP security techniques.

     

  • Check you still need all the plugins
    Remove unused plugins to reduce security risks.

     

  • Get Payment Card Industry Data Security Standard (PCI DSS) compliant
    PCI DSS ensures safe and secure transactions. Avoid handling payments unless your system is compliant.

 

  1. Download Document (French): Sécurisez le site web de votre entreprise
  2. Download Document (Bislama): Protektem websaet blong bisnis blong yu