Although 80% of individuals responsible for building and/or maintaining a website believe their websites are secure, many admit their sites lack basic security measures and say they have no plans to implement stronger ones, as revealed in a survey conducted by Clutch, a leading research and reviews platform for business services.
The survey of 302 builders and maintainers of personal, business, and other websites identified several ways that their websites have been compromised. Nearly a third (30%) report being the victims of email phishing; 22% have been victims of identity theft; and 18% have experienced a hack or ransomware, such as the WannaCry attack that swept through over 150 countries last week.
Despite the growing prevalence of these kinds of attacks, 54% of respondents believe that they haven’t experienced security liabilities. Experts warn that the number of compromised websites is likely much higher.
“Many people won’t know that they’ve been hacked, or that there was a security breach,” said Kevin Ng, a web developer and partner at Wildebeest, a product studio that creates custom software. “The best attack is one you don’t know about.”
A range of 26% to 63% of respondents (depending on the specific security protocol) admit they do not currently take advantage of common tools such as password protection, 2-factor authentication, and network security.
Only half of respondents for example, say they update their applications and software when prompted. Among those who don’t currently install regular updates, only 18% say they plan to do so in the future.
Nick Damoulakis, president of Orases, a full-service, digital technology agency says many of his clients seek help building a more secure website only after their original site becomes unreliable or suffers a hack.
“Many of our clients’ expectations weren’t set up from the beginning in terms of the maintenance of those sites,” said Damoulakis.
The risks of inadequate security come in two primary forms: operational and reputational damage. Experts point out that no website is too small a target; many hackers use smaller websites as stepping stones to wage attacks against customers or clients.
To minimize security gaps, Clutch recommends that website managers implement tools such as password managers, and conduct regular security audits.
To read the full report and source the survey data visit: https://clutch.co/website-builders/resources/how-to-upgrade-website-security.