used with permission from FTC.gov
by Andrew Smith, Director, FTC Bureau of Consumer Protection
Your website is the online face of your business. Some companies have the in-house capability to manage their web presence. Others hire a web host to handle it for them. When launching a new business or upgrading their site, savvy business owners comparison shop for web hosting services. At the top of your shopping list should be the security features built into what you’re buying.
In our meetings with small business owners across the country, you asked for more advice on selecting a security-conscious web host. As part of our cybersecurity initiative for small business, the FTC has suggestions about what to look for and what to ask when hiring a web host.
Transport Layer Security (TLS). The service you choose should include TLS, which will help protect your customers’ privacy. TLS helps make sure people looking for your business online reach your real website when they type your URL into the address bar. When TLS is up and running on your site, your URL will begin with https. TLS also helps make sure the information sent to your site is encrypted – an important feature if you ask customers for sensitive data like passwords or credit card numbers.
Email authentication. Some web host providers let you set up your company’s business email using your domain name. Assuming your domain is yourbusiness.com, that means your email might be yourname[at]yourbusiness.com. Without email authentication, scammers can send emails that look like they’re from your company. A key defense against fraudsters is a web host that provide three essential email authentication tools: Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC).
Software updates. When it comes to creating a website, you’re too busy to start from scratch. That’s why many web hosts offer pre-built templates or ready-to-go software packages. But cyber risks are constantly changing. Be sure you know how you or your web host provider will keep your site’s software up to date, including the installation of the most recent security patches.
Website management. If it’s necessary to make changes to your site, will you have to go through your web host or is there an option of managing it on your own? Make it clear from the start who will manage the site after it’s built.
When you’re in the market for a web host provider, make it clear that security matters to you. Here are some questions to ask a prospective web host to gauge if you’re on the same security page:
Download the FTC’s web host fact sheet and keep it handy as you comparison shop.
Cyber threats never take a day off, never clock out and go home at the…
Building, deploying, and managing applications via Microsoft's global network of data centers is easier with…
Microsoft Copilot is a tool, powered by AI, that aims to boost your productivity within…
Making things happen is the art and science of project management. The process involves managing…
In today's fast digital life, website performance is important, as it holds visitors and ensures…
The FBI reported that cyber attacks against government facilities saw an increase of almost 36…