Three simple steps that will help you protect your site.
Today, it is common for businesses and nonprofit organizations to accept payments online. However, this opens the door to more and more “bad guys” out to grab personal information and take advantage of those who are not protected. In this article we provide three important steps to protect your site. You may have heard of the Payment Card Industry Data Security Standards (PCI DSS), a set of rules governing how sensitive information can be stored and transmitted in order to ensure data privacy and security for all users.
Here are a few steps to move your site towards PCI compliance online:
1) Change your passwords
Picture this common scenario: you get a default password from a vendor, then you pass it on to your co-worker. One week later, you are so used to typing in 473ngtw@! that you can do it with your eyes closed. Bad idea! Hackers are familiar with default passwords and can easily gain access if they try them on the right site at the right time. Get into the habit of changing default passwords right away.
2) Use a firewall
A firewall examines any traffic attempting to access your site. Based on a set of standard criteria, as well as any criteria specific to your site, the firewall will allow or block requests to your site. In addition, a firewall can prevent comment spamming on your blog, saving you the trouble of deleting all those unwelcome posts. Many companies provide a firewall; to name just a few: Cloudflare, along with its CDN (Content Delivery Network), and SiteLock.
3) Keep your systems current
Updating every application your site uses is tedious and can be a major headache. That includes your CMS (e.g. WordPress) and all plugins, add-ons, etc. So why is it strongly recommended? Here’s an example: a hacker manages to find a security loophole in a plugin on your site which allows them to target your visitors. Meanwhile, an innocent user is attempting to make a donation to their favourite cause, and unknowingly sends money straight to the hacker’s bank account in Guatemala. By updating WordPress and plugins (or any other systems you might be using), you will minimize the risks to your site and its visitors.
These are a few tips to move your business or organization towards PCI compliance. Visit https://www.pcicomplianceguide.org/ for a full list of PCI compliance criteria.