According to Bitrix, Inc., 46,541 zombie computers are added to the ranks of the botnet network every day. The company reports that the number of sites and pages infected with malware is capable of doubling every six months, and was around 640,000 websites and 5.8 million Web pages toward the end of 2009. Of those infected entities, 77 percent were legitimate websites that had been infected, and were inadvertently producing more victims. The average cost to organizations that have suffered security breaches is $234,244. Despite the clear danger, 41 percent of companies find themselves underprepared against potential hacker attacks.
Based on its experience in the development of security systems for Web resource management, Bitrix, Inc. offers the following 10 guidelines for your consideration.
Click through for 10 guidelines to ensure the safety of your Web resources, as outlined by Bitrix, Inc.
Check both for website management system and third-party plug-in security updates. Bitrix, Inc. recommends that security personnel subscribe to prominent security-related newsletters to stay up-to-date with the latest security challenges.
If you suspect abnormal activity, don’t wait to perform a deep scan of your system and consult a security professional.
Keep as many logs of your system as possible. They will help you or a security specialist identify infections and clean the system.
Back up your system on a regular and frequent basis to avoid data loss should an infection occur. This is something you will never regret.
Use the integrity control tools integrated in your CMS or acquire some created by a third party.
Even if your CMS is equipped with a best-of-breed security framework, you cannot be too careful in the modern Web.
Make sure you use the Web application firewall integrated in your CMS, as well as other security features like one-time passwords, IP-based authentication, abnormal activity blocker, etc.
Use reliable Web applications that have a proven security track record.
Consult a security professional for website maintenance and regular inspections, as well as for third-party plug-ins and proper software deployment.
Follow best practices and Web hygiene rules: Keep your login/password in a safe place, use one-time passwords, and properly configure your system (e.g., switch off the global variables feature in PHP).