Taking Action – How to improve website security

If you are looking for some tips on how to improve website security for your small business then it may not be as painful as you think, often it is just a case of some small changes to processes and regular check ins on the basics we all know.

What we will cover

How to improve website security – Creating a plan

There are many straightforward and easy ways to protect yourself online, but often simple security measures go overlooked because people aren’t aware of what they should be doing or because they forget to do it.

To be honest, sometimes it’s just because it seems like hacks are high profile and will happen to someone and we just can’t be bothered. The most effective way to keep your business’s data secure is to create a plan and stick to it.

Below we’ll outline what the key points on your plan should be, and when you need to do them.

First here’s a couple of things to bear in mind to help you actually make this a priority.

how to improve website security

It isn’t personal

When it comes to hacking, thanks to mainstream media we imagine a child prodigy able to bring down government systems whilst eating their cheerios. The reality is that instead of an individual targeting a particular website. Hackers write scripts to target vulnerable bits of code or repeatedly guess passwords.

WordPress and all the other CMS, are built on repeatable code in their themes and plugins. So if your website is out of date or your password is weak then it is only a matter of time until a nasty bit of code will target it.

It isn’t sexy

These tasks really don’t compare to the fun of rebranding or launching a new product. We get it, but it just needs to be done, can’t be bothered? Get a professional to do an audit. Otherwise…

It does happen

The reality is that it does happen. We have seen competitors lose client’s data due to system failures and clients get hacked due to insecure passwords. You are likely to point a finger at your tech team when it goes wrong, but it’s very likely they tried to help you prioritise your safety and it wasn’t a priority until it went wrong.

If you run an e-commerce site, consider your customer’s shopping details being compromised – now imagine not only the individual conversation but the PR one. Trust is earned, and hard to win back once lost.

Top of the list now? Thought so, let’s go…

Fix the easy things first


It’s a recurring theme when it comes to improving website security but it can’t be said enough – make sure you and your employees use secure passwords. Encourage them to create a password that isn’t obvious (ideally one that doesn’t appear on this list of the 100 most common passwords) and that doesn’t contain any personal information, like names or birthdays.

Vaults like Lastpass will do a great job of creating and storing complex passwords to make your life easier.

Anti Virus

You don’t have be an IT expert to install anti-virus software on any computers that are being used for your business. You don’t even have to pay, and free software like Microsoft Security Essentials and Malwarebytes will do admirable job of protecting your PC and your data from the evil forces that lurk on the web.


Wi-Fi is another weak spot for many small businesses. If you care about keeping your data safe then you should make sure your Wi-Fi network requires a password and that WPA2 security is enabled.  An unsecured network might be alright for your local coffee shop but not for your business.

We can help by recommending reliable IT partners that we have worked with over a number of years if you are looking for an expert in this field.

Do the boring things on a regular basis

Changing passwords might seem like a chore, but making your employees update theirs on a regular basis will greatly reduce the risk of hackers accessing company accounts. It’s recommended that you do this every three to six months.

Even if you’re careful it’s always best to plan for the worst-case scenario. Regularly backing up your business’s documents is always a good idea, whether you’re a victim of hacking or hard drive failure.

New viruses are born everyday so it’s worth keeping your anti-virus software databases up-to-date. Most anti-virus programs will prompt you when there’s a new update, so don’t ignore these notices if you want your company computers to remain uninfected. Don’t put off those OS updates either, often the latest updates will fix any security holes.

The same applies for your WordPress website – systematically keeping the plugins up to date means capitalising on someone that has already done the hard work for you.

Educate your employees on how to improve website security

Your biggest defence against a cyber attack is common sense, but it’s not always easy to know the right thing to do if you don’t understand what you’re dealing with. The best thing you can do as a boss is to regularly educate your employees, so that the information sinks in and is always up-to-date.

Schedule regular meetings to discuss security – they don’t have to be long and could save you a lot time spent fixing security breaches. Stress the importance of secure passwords but also share examples of common traps like phishing scams and untrustworthy websites so that your staff know what they look like.

With many people using personal mobile devices for work it’s also essential that you remind them what company information it’s okay to share on their tablets and smartphones, and not to share it over unsecured networks.

Plan for the Future

As your business grows so should your security measures. Set security goals for more advanced improvements like installing a hardware firewall, setting up a VPN (virtual private networked) and getting a NAS (Networked-Attached Storage) Device for more efficient backups.

It’s impossible to stay 100% safe online, whether you’re an individual or a business, but it is possible to give yourself the best chance of staying secure and safe by following the guidelines outlined above.

While there’s plenty you can do to keep your business’s data safe the security of a website ultimately starts with the host.

Here at Vu Online we’re always striving to improve our security, making sure our websites are hosted on the most secure servers and offering WordPress maintenance packages so that our customers get the peace of mind they deserve. We also conduct GDPR and data audits for those concerned about the safety of their digital.

Do you know anyone who may be interested in this project?

Click to share: