7 Steps to Protect Your Online Business from Getting Hacked

By John Mason

In today’s digital world, one of the biggest threats companies face is getting hacked. When your business is based entirely online, this is a major concern. According to a 2015 Duke study, 80 percent of U.S. companies have been successfully hacked. Small businesses are at greater risk. Eighty-five percent of businesses with fewer than 1,000 employees report being hacked compared to 60 percent of larger companies.

These numbers aren’t much different in the rest of the world. According to the survey, 85 percent of firms in Asia, Europe, Africa, and Latin America also report having been successfully hacked. In the UK, research shows that 90 percent of large organizations and 74 percent of small and medium-sized businesses have encountered a security breach. For small and medium-sized businesses in the UK, these breaches can cost an average of £75,000 to £310,800 in the worst case scenario. Taking the proper steps to secure your online business can greatly mitigate your risk. Start with these seven tips.

Enable Security Features

Luckily there are many ways to build extra security features into your business’s website. It’s in your best interest to take advantage of them. This can be as simple as using strong passwords and limiting login attempts for you and your employees. Other security measures include changing the default database prefix on your site to make it harder for hackers to attempt malicious logins or hiding the identity of your website’s CMS.

Keep Your Software Updated

One of the common way hackers get ahold of online businesses’ sensitive information is by hacking into the software they’re using. Older versions of website software are easier for hackers to attack because they know where the vulnerabilities lie. By keeping your systems up to date, those bugs will have been patched up and hackers will have a harder time getting in. This bit of advice applies to all software your business uses, including:

  • Computer operating systems
  • Content management systems like WordPress
  • Additional plugins or themes installed on your website
  • Payment software
  • Accounting software
  • And more

Secure Your Hardware

In addition to keeping your software updated, it’s important that your hardware doesn’t fall into the wrong hands. Cyber-attacks aren’t only carried out online. Physical attacks are a threat, too. This can involve someone getting their hands on your mobile phone or computer and accessing your business files that way.

Always be aware of your devices and who is accessing them. Ensure your computer and phone are password protected to help deter thieves and malicious attackers, and be sure you have anti-malware and antivirus protection installed—and that it’s always up to date. Avoid saving any business-related passwords on your computer, and be sure you have the software installed to allow you to locate or wipe a lost or stolen device.

Use a Virtual Private Network

Using a virtual private network (VPN) is a common tactic for businesses to add an extra layer of security. This is especially true if you’re connecting to sensitive files long-distance. VPN services route your Internet data through their servers, which masks your IP address for privacy and encrypts your data. This can be especially useful for online businesses whose employees work in flexible environments, such as working over public Wi-Fi while traveling. This will protect sensitive data like passwords and company files when you’re connected remotely. VPN providers offer subscription models, sometimes for less than $10 per month. You can also try using free vpns, such as Tunnelbear which is pretty credible.

Educate Your Team

It’s not enough for one single team member to ensure their computer software is up to date, their hardware is secure, and they’re not accessing business data through vulnerable networks. Warding off attacks only works when everyone is following the same protocols. One mistake is all it takes to let hackers through the cracks. Talk to your team members and employees about cybersecurity and expectations to ensure your data doesn’t fall into the wrong hands.


SSL refers to “secure socket layer” and is a type of protocol that encrypts data between your website and your database. That way, hackers can’t get ahold of users’ personal information while it’s in transit. This is especially useful if your site collects personal data from customers, such as credit card information or addresses. You will have to purchase, activate, and install the SSL certificate on your website, but this is usually easy to do through your hosting provider.

Backup Your Files Frequently

As a last layer of defense, be sure to back up your business files and website frequently so that if something does happen, you can quickly restore the site. Consider putting together a plan of action in case your online business is hacked. That way, you can reduce costs, improve response time, and get back on your feet quickly if you encounter a cyber-attack.

Cyber-attacks are a real threat to online businesses both big and small, but implementing the proper security measures can help reduce the risk of a costly data breach.

Like this article?

Share on Twitter
Share on Linkdin
Share on Facebook
Share via email

Other posts that might be of interest

Photo manipulation in progress
Internet Psychology

Do you airbrush the real you?

I am running the risk this week of being disciplined at work. If my boss reads this (and she often does) she will discover I have done something naughty. Recently, I posted a picture on

Read More »