Skip to Content
 
Call Toll-Free 877-426-8849
 

Security

Website Security Isn’t an Option

website hosting and secuirty

Since 2014, Google has been encouraging website owners to use HTTPS.  So what is HTTPS?  HTTP is Hypertext Transfer Protocol and is the technology that passes information for websites across the Internet.  HTTPS is the secure version of HTTP and uses an SSL Certificate to encrypt the traffic, which is a good first step in website security.  When a website uses HTTPS the data is protected from hackers viewing the traffic.  Sensitive data such as credit cards can then be passed across the Internet securely.  

Using HTTPS correctly will give your website a boost in the search engine ranking.  Many marketing companies have caught onto this and have started using HTTPS.  Now Google is moving from carrot to stick.  When Chrome version 62 comes out in October websites with text input will require an SSL certificate.  If you don’t have HTTPS then Chrome will display a “Not Secure” warning in the address bar. In addition, to this Google has already started to blacklist websites that allow password and credit card fields without using HTTPS.

We have run across many websites that fail at HTTPS.  Registrars and hosting companies offer SSL certificates but don’t provide assistance with implementing the certificates correctly.  There are three aspects of proper HTTPS implementation.  First, you must purchase a certificate and have it installed on the hosting server.  This can be tedious and require the process to be repeated annually.  Remembering when the certificate expires and renewing it is frustrating.

Second, the website must redirect all traffic to HTTPS.  A certificate without this step is useless and many website owners fall prey to clever marketing that provides a certificate but no implementation.  This redirect can be done many different ways.  All pages should be permanently redirected so that the SEO value transfers correctly.

Third, the code may need to be adjusted as a result of mixed content errors.  Mixed content is when an image is using HTTP and the web page is using HTTPS.  Because one is secure and the other is not this creates a mixed content error.  All assets such as images, CSS, and javascript must use HTTPS if the web page is using HTTPS.  This is especially important with WordPress websites.  

Anttix utilizes webClinic Pro for website hosting and website security.  Our customers enjoy proper implementation as part of the service.  You don’t need to worry about figuring out how to make your website secure, all of this implemented for you and reviewed regularly to ensure that your website stays secure.
 

Category:
 

Security Update: BadUSB

Computer Security

We all know we can get viruses and malware from various websites and shady emails, but did you know an untrustworthy USB device can do far more harm? The latest technology threat comes in small packages, such as USB storage, charging stations, and peripherals. An insecure USB device plugged into your computer, laptop, or phone can quickly corrupt your computer or device beyond repair. That doesn't mean a simple trip to a computer repair service or software update will fix your problem. That means your entire computer may just have to be thrown out. These bad devices are referred to as BadUSB.BadUSB Device

This scary truth is due to USB devices having no protection against reprogramming, allowing any number of compromising attacks. For example, a USB device can be programmed to simulate a keyboard and type commands into a person's computer. It may also be programmed to mimic a network device and redirect the traffic from that machine. It may also carry a virus that simply infects the computer on boot-up and write itself to the very core of the system. All of these scenarios are quite malicious and very damaging. Nowadays USB devices are plentiful, affordable, and quite accessible making the threat that much greater.

So how do you protect yourself from BadUSB? For starters, never plug an unknown device into your computer or device unless you know its source. Avoid untrustworthy charging stations, free USB storage devices, and unfamiliar peripheral devices. Use only devices you purchased new or have been using on only your devices for some time. For the most part, technology has some catching up to do so you should be seeing new, secure USB hitting the market with hardware preventing reprogramming of the device. As these versions of the devices you know become more readily available the threat will lessen and you can rest a bit easier. For now, be cautious and for more information please feel free to contact Anttix toll-free at 877-426-8849 or click here to contact us by email.

Category:
 
Tags: