Reader's Favorite Nuggets
Recent Hits All Time Matt's Favorites
Recent Reader's Favorites

Our Nugget List

The Unappreciated Life of a Website System Administrator

by
The Unappreciated Life of a Website System Administrator 3860-daily-golden-nugget-625Website security, data backup, server monitoring, and domain name management are all common tasks for the everyday average System Administrator. Even though you may not be paying an IT person on your own staff, someone out there is probably overseeing the functionality of your website 24 hours a day, 7 days a week.

The 4 tasks of system administration I mentioned above are usually included in the hosting of your website. But sometimes they are not, and I'd like to talk about how this stuff affects your jewelry store business.

Website Security:

There are 2 basic topics regarding website security. The first is the complexity of your FTP username and password, and the second is how impervious your website server software is to hacking attempts.

Unless you are paying for specialized hosted website software, (like a Yahoo Pro Shop, eBay Store, etc.) every website has an FTP username and password. FTP stand for File Transfer Protocol and it's one of the common ways your website programmer will access and upload your website.

Most of the time an FTP username is 5 or more characters and passwords need to be difficult enough that hackers can't guess them. The security requirements for the passwords all depend on the policies of your website host. Passwords with less than 6 characters are usually easy to hack with brute trial and error. The best passwords are really long, as in 10 or more characters.

If your password is "diamond" or "diamond1" then you should go change that right now. That's an easy password to guess. Don't use your name, names of family, pets, or important public dates either. Once a hacker guesses your password they can deface your website, or worse, delete the whole thing.

I've seen websites that had their home pages replaced by a hacker, and I've seen websites that had hidden code added to all the web pages without the owner even knowing about it. I've even seen websites where viruses were uploaded and would activate when unsuspecting users clicked on a page they'd been using for years.

Your best defense is long passwords.

On the other hand, the difficulty level of your FTP password won't make a difference if the software installed on your website has other security holes. These security holes are what lead the entire online e-commerce industry to PCI Compliance back in 2003.

Security holes don't often lead to defacing of websites, but instead a very smart hacker can trick a website into showing password protected pages and private information. That private information could include social security numbers, banking information, or credit card numbers.

I've seen security holes that allowed a hacker to trick the website into randomly showing whatever page was in memory at the time. All the hacker had to do was trick the website every few seconds to see the activities of other users that were currently using the site.

Since hackers get smarter every day there is no guarantee that your website is 100% PCI compliant. The only way to guarantee it is to hire a security company to do daily audits on your website. These audits will test your website against the latest hacking techniques and provide instructions to fixing it.

Website hosting does not come with PCI compliance testing. You have to pay extra for peace of mind.

On Monday I'll explain the different types of backup methods for your website.
AT: 12/14/2012 08:57:32 AM   LINK TO THIS GOLD NUGGET
Confused and worried about your mobile website options? Click here to find out how to get your own website evaluation and a game plan to make it better.

Like This Jewelry Website SEO Gold Nugget? Please Share!

Like Our Site? Follow Us!


0 Comments on The Unappreciated Life of a Website System Administrator

Post a Comment
Name:

Check here for Anonymous
Email

Website:

 
Please contact me at the phone number and address below
Phone Number

Address:

 
Comment:

 
User Verification
2 8 1 2 0 7 1 6
Please enter the number you see in the box.
[ What's This? ]
Sign Up For Emailed Daily Gold Nuggets

"...articles are easy to follow and seem to have information one can use right away."
-Ann, Gallery 4, Hamden CT


"...serious kudos to you. We love your straight talk, pertinent information and plain language. I don't know how many industries have something of jWAG's caliber available, but I learn from the emails every day. Really, really nice work, and very appreciated."
-Cheryl Herrick, Global Pathways Jewelry