Unsecure websites are vulnerable to attack. Keep your business and customer information safe by working through the steps on the checklist below.
Steps to work through yourself:
- Create a long and strong login password
Use a passphrase of four or more words that’s different from other services. - Turn on two-factor authentication (2FA)
Adds a second verification step for stronger security. - Keep your software up-to-date
Regularly update CMS, plugins, modules, and web server tools. - Back up your business data regularly
Store backups securely and offsite for quick restoration. - Create an incident plan
Have contact info and recovery steps prepared for quick response. - Report cyber security incidents to CERT VU
Get professional advice and help prevent future incidents.
Steps to work through with your IT provider:
- Enable HTTPS on all pages
Ensure all website pages, including CMS, use HTTPS. - Set up to receive alerts
Get alerts when changes are made to the website or CMS. - Check your CMS
Confirm that 2FA and alerts are still set correctly. - Follow cyber security best practice
Ensure changes follow OWASP security techniques. - Check you still need all the plugins
Remove unused plugins to reduce security risks. - Get Payment Card Industry Data Security Standard (PCI DSS) compliant
PCI DSS ensures safe and secure transactions. Avoid handling payments unless your system is compliant.
- Download Document (French): Sécurisez le site web de votre entreprise
- Download Document (Bislama): Protektem websaet blong bisnis blong yu