Secure Web Hosting: 10 Questions You Must Ask To Be Really Secure
If you are reading these lines it means you really need to be secure. This article is all about 10 questions you need to ask your hosting provider if you would be like to have guaranteed secure web hosting. Lots of web hosting providers promise security but only a few can really offer security. If your business or organization is on the web then your security probably means a lot to you and taking this aspect of your web seriously cannot be over emphasized. I once fell victim late 2012 to insecure web hosting and it cost my start up everything. And I mean EVERYTHING.
We had to start up the start up again. The web hosting provider we decided to use suddenly closed shop for a week and like you can guess, so did every other website that hosted with them. This is what I am going to tell you.
If your web presence means a lot to your business (which I am sure it does), your choice of a secure web hosting provider is as important as every major business decision you would make.
Must ask Questions before looking Secure Web Hosting?
These 10 questions are the ones you should ask and ensure you are satisfied with the answers before hosting your web on their platform.
1. How do they secure Uploads?
One of the ways hackers gain access is through the same way you gain access – uploads and this is usually done with FTP. If your provider does not offer sFTP, which literally means ‘secure-FTP’ then there is a lot that can go on if a hacker decides to gain access.
2. How often do they monitor security?
You would notice this is not a question of whether they do security monitoring or not. A secure web hosting provider should monitor security by default. However, how often they do this routine is what determines whether you would be secure. Imagine if it is your client that discovers the problem on your site, that goes a long way in determining whether you lose that customer. A better option is your provider finding it first.
3. How updated are the applications and the software?
Using an old version of an application or software means only one thing – vulnerability.
Hackers find it easy to gain access to outdated versions than updated versions. If your provider’s software is not updates, how supportive are they if you decide to do a manual update.
Using not up to date versions of software is like securing your house and leaving the windows open.
4. Can you install applications?
Lots of hosting providers have already pre-installed applications that customers only need to fill in template requirements and all is done. Like I mentioned earlier, most of these applications might not be updated. So instead, ask if you can install your own CMS or software package for your site. You would have better chances of securing your own site.
5. Can ‘useless’ applications be disabled?
Ok! I don’t mean this in a derogatory way. ‘Useless’ here just means applications you are not using. If they are still enabled, they will increase your vulnerability as they grant access to your site without even using them. If they can be disabled, you are guaranteed better security
6. Is SSL(HTTPS) on offer?
Usually this would mean you pay more. But, if your site requires your customers to input usernames, passwords, credit card information, If your provider does not have HTTPS on offer, it will mean bad business for you. Using HTTPS means that your customers are guaranteed of a safer input as what this does is encrypting such information so that it doesn’t just go in as text that can be easily hijacked by hackers should they break in.
7. What platform is your application installed on?
If you ask these question, they will most likely give you an answer. What you should want to know is how secure the platform is and how often they run security patches. Even if your site is secure from your own end, an insecure platform from the server end is enough compromise already.
8. Do they backup?
You remember my story of having to start up my start up again? Well, that was majorly because there was no backup from their end and ours was as good as day one. If your provider is not backing up, it’s time to look for another and I am not saying this because of my experience. Actually, I am. Much more important is the how often do they back up? You don’t want to end up with an old date that is good as “day one”.
9. What happens when there is a security breach?
Should in case there is a security breach, how would they handle it? You have a better chance at securing your website with a provider who knows what to do in such cases than one who doesn’t. Do they have procedures for responding swiftly should in case you notice any security incident? If they do, then you are well in line.
10. Ask for their security policy.
This is what shows you how serious they take your own security and in fact their own security. If they tell you they don’t have one, tell them you ‘ll get back to them and never do. What security options are they offering? How often do they run security checks? How do they secure their own network? What precautions do they have? If they can provide you with what they do to secure your data in a policy document, Your security to a reasonable extent is guaranteed.
The Internet is a growing global space and we are just beginning to scratch its surface. With increasing global activity comes the responsibility of security. A secure web hosting provider is your best bet to guaranteed security. But, if you would really be secure, ensure that these questions are answered satisfactorily.
Did I missed some important point? Share your ideas in comments section.