Category Archives: Security

Articles relating to computer security, viruses, malware etc.

Common Types of Malware to Watch Out For

Posted on by
Reply

Infected SystemsWhat is a virus and is it the same as malware?

Malware describes software designed to act maliciously on a computer. The name ‘malware’ is a shorthand for ‘malicious software’ and describes exactly what it is. A computer virus is a single type of malware that can cause harm to your PC, but it is only one of many. Other types of malware are listed below.

Adware

Short for advertising-supported software, adware is a type of malware that delivers adverts to your computer. These advertisements often pop-up and are intrusive, irritating and  designed to trick you into clicking something you don’t want. A common example of malware is pop-up ads that appear on many websites and mobile applications.

Adware often comes bundled with “free” versions of software that uses these intrusive advertising to make money. Commonly it is installed without the user’s knowledge and are purposely made to be difficult to remove.

Spyware

Spyware is designed to spy on the user’s activity without their consent or knowledge. Spyware is often installed in the background, collects keyboard input and can harvest data from the computer, monitor web activity and more.

Spyware typically requires installation to the computer. This is commonly done by tricking users into installing the spyware themselves instead of a software application that they thought they were getting. Victims of spyware are often be completely unaware of its presence until the stolen data is used elsewhere (ie in a fraudulent bank transactions or stolen online accounts).

Virus

A computer virus is a form of malware that is installed inadvertently, causing damage to the computer and / or user. A typical virus may install a keylogger to capture passwords, logins and bank information from the keyboard or it might steal or delete data, interrupt programs or cause the computer to crash.

Modern virus programs commonly use your computers processing power and internet bandwidth to perform illegal tasks remotely for hackers. The first sign of this can be when the computer sounds like it is doing a lot of work when no programs are running. A computer virus is often spread through installing unknown software or downloading attachments that contain more than they seem.

Ransomware

Ransomware is a very malicious variety of malware that prevents the user from accessing their own files and data until a ransom is paid. Files within the system are often encrypted with a password that won’t be revealed to the user until they receive money usually in the form of bitcoin.

Instead of accessing the computer as normal, the user is presented with a screen which details the contact and payment information required to access their data again.

Ransomware is typically downloaded through malicious file attachments, email or through a vulnerability in the computer system.

Worm

Another type of malware is the computer worm. Worms spread across computer networks by exploiting vulnerabilities within the operating system. Often these programs harm their host networks by consuming large amounts of network bandwidth, overloading computers and using up all the available resources.

While similar to a virus a worm is able to both copies of itself and spread independently. A virus must rely on human activity to run a program or open a malicious attachment while worms can simply spread over the network without human intervention.

If you would like to make your business secure from malware, give us a call at 08 8326 4364 or via email on support@dpcomputing.com.au.

4 Ways To Protect Your Firm Against Unknown Threats

Posted on by
Reply

Unknown threatsProtecting your business against the latest IT threats should always be a top priority. Updating your antivirus and keeping your operating system and applications up to date is a great way to start. What happens though, when a threat appears at your door before security firms have had a chance to catch it?

A security threat that exploits a previously undiscovered vulnerability is known as a zero-day threat. The name “zero-day” is designed to show how long since the vulnerability was discovered and also indicates that system developers have had zero days to fix it.

A newly discovered attack might be included in a computer virus or worm. This will allow it to spread far and wide, while inflicting the maximum amount of damage possible. When spread successfully, a new exploit has the potential to reach hundreds of thousands of computers before an operating system or anti-virus update can even be issued.

Here are 4 ways to help protect your business or lessen the damage from an unknown or  zero-day attack.

1. Preventative security

The number one way to mitigate the damage from any attack is to prevent it from happening in the first place. Maintaining a good firewall and up-to-date security system is the best way you can take to ensure the security of your system.

A firewall, which monitors traffic in and out of your network, reduces unauthorised entries and exits over the network. Even without knowing the exact nature of the attack, suspicious activity can be stopped.

The same is true of modern security software. Even when it can’t identify the specific zero-day threat from its virus database; it can often identify malicious intent from learned behaviour in the system.

2. A Locked Down Network

Should a zero-day threat make it into your network, our next goal is to limit its effects. By restricting user access to only essential files and systems we can limit the damage done to the smallest area. Good security policy dictates that each account should only have full access to the systems needed to complete the user’s job. For example, users from the accounts department shouldn’t have access to sales department databases – see our blog article here on this area of security.

In this way, the damage of a single compromised account is limited to only the network area it has permissions to. Limiting the impact makes it easier to recover if the worst happens.

3. Good Data backup

Whether your entire network has been exploited or only a small area has been affected; good data backups are a must and are your protection against major long term damage. Having a good backup means having the procedures in place to create regular backup copies and also regularly test those backups to make sure they can be restored at a later date.

Reliable and well tested backups are worth their weight in gold. They allow you to sleep well at night knowing your data is safe and your system can be recovered.

4. Intrusion Protection

While the precise methods of a zero-day exploit can’t be known in advance, a network intrusion protection system (NIPS) can monitor your firms network for unusual activity.

The advantage of NIPS over a traditional firewall and traditional antivirus software is that it does not rely on checking software against a known database of threats. This means it does not need updates or patches to learn about the latest attacks. NIPS works by learning the day-to-day patterns of network activity across the network.

When traffic or something out of the ordinary is detected, action can be taken to alert system administrators and lock down the network.

NIPS protects against threats introduced to the network from both external and internal sources.

Full Cover Protection

Used in combination these techniques can prevent, protect, and mitigate against the kinds of threats that even the top security firms don’t even know of yet.

If you could use help protect your business against security threats and are in Adelaide or South Australia, then give us a call today at 08 8326 4364 or via email at support@dpcomputing.com.au.

Protecting A Business from Internal Threats

Posted on by
1

When considering IT threats to your business many articles focus on external sources such as hackers. While these dangers are real, in many cases, the largest threat to a firm comes from inside the business itself.

Staff often have trusted access and a detailed working knowledge of the organisation from the inside. Employees therefore deserve the largest security consideration when designing a safe and secure business system.

It is important to first distinguish the type of employee we want to defend against. For this article we do not mean a model employee accidentally opening a malicious email or attachment (that relates to a different kind of threat). Rather, a disgruntled employee seeking to do damage to your business. An employee who may wish to destroy services or steal clients and files from your firm.

Security Policy

A lot of firms grant employees system-wide permissions. While this can make things appear simple, it is opening the business to future risks.

Private and confidential information relating to the business should be restricted. Many types of files need to remain confidential, often as a legal or privacy requirement. Human resource files, salary information, and employee documents should be limited to only a select few employees. Yet many businesses keep confidential information in public places on the network.

Granting system-wide read and write access can appear to save time in the short term. It is, however, opening up your business for potentially legal troubles in the future.

The Principle of Least Privilege

The principle of least privilege is a vital tool in helping you to handle internal IT security. It defines a security policy which ensures your staff can access only the resources, systems and data they require to carry out their job.

The policy protects the business from many different types of threats. Even where malicious attachments have been opened by accident, the damage is limited only to the areas that employee has access to. This results in contained damage, less time needed for data restoration and reduced downtime for the firm.

Along with limiting accidental damage, employees looking to destroy or steal data are limited. With restricted access, an employee with a grudge or profit motivation can only damage or steal from their own area of operation. This helps to ensure that no single employee can damage the entire firm’s operations.

Security Policy In Practice

A member of staff within Human Resources, for example, may have access to the employee database (as it relates to their job). This will likely include payroll information and other sensitive data. But this same member of staff would have no need to access sensitive client data, such as sales information in normal working conditions.

Likewise, a staff member from the sales department should have no need for accessing sensitive HR records.

Using the principle of least privilege, each employee will only have full access to systems that are directly related to their role. Similarly, some systems may be visible to a wider group of staff members even if they can only be edited or deleted by one or two people.

In some cases, a security policy may be defined by finer details than a person’s role within the business. For example an HR employee should not be able to edit their own file to change salary information. An employee file might only be edited by their superiors in such a case.

Additional parameters can be used to assign privileges to enable the business hierarchy to work within the IT network. Seniority, physical location, and time are all examples of factors that can restrict access to critical systems and secure data.

We can tailor your network to your business, locking down your data to ensure data is only accessed on an “as needed” basis. Contact us now on 08 8326 4364 or support@dpcomputing.com.au.

Businesses Top 5 IT Security Problems

Posted on by
Reply

Security Problems

In today’s world, companies seem to be having security issues most weeks. These issues relate to 5 main problems. Is your company guilty of any of them?

1. No Backups

A shocking number of businesses do not back up their data properly. According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months.

Even with companies that think they are doing their backups correctly they never regularly test those backups. It is a step that businesses miss surprisingly often\ so don’t be that business that only finds out that their backup isn’t working when it is already too late.

2. Being Reactive and Not Proactive

Technology is changing on a daily basis. Attackers are always working on new ways to break into businesses, hardware is evolving faster than most of us can keep up and old systems fail due to wear and tear. A huge number of businesses wait until these issues impact them directly before they respond. This results in higher costs, longer downtime, and harder hitting impacts.

By responding to hardware warnings before it fails, fixing security holes before they’re exploited and upgrading systems before they are out of date: IT can be done right. Being proactive about your IT needs means systems do not have to break before they are fixed. This results in less downtime, fewer losses and lower IT costs for your business.

3. Poor Passwords

A surprising number of people will use weak passwords to secure their accounts. Even more will write down their passwords on a post-it note right next to the computer. In other cases many people have no passwords at all! Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too – when system changes are made it is essential to be able to trace back to the account that made that change.

With an weak or insecure password tracking the individual responsible for reports or accountability becomes impossible. This can result in both auditing disasters on top of technical ones.

4. Little or No Staff Training

People are commonly the weakest link when it comes to IT security. Implementing IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate when staff aren’t trained to use that lock.

Often businesses can justify spending big on security hardware and software but spend zero dollars on training staff to use them. In this instance, a little goes a long way. Security training can help staff to identify a threat, stop it at its entry point and avoid any issues that may have occurred if the staff member hadn’t had any training.

5. Weak Data Controls

Some companies take an ad-hoc, fast and loose approach to data storage. Often crucial  data is spread across many devices, copied needlessly and even left unsecured. Client data can be found regularly on employee laptops, mobile phones and tablet devices. These devices are prone to being misplaced or stolen along with any data they contain.

Most companies focus on the costs of devices and hardware purchased for the business. The reality is that the data held on those devices is always worth many times more than the device that holds it. For many firms, their approach to data hasn’t been changed since when the firm was first founded. Critical data is often held on single machines that hasn’t been updated because they hold that critical data. Such machines are clearly vulnerable, outdated and of course prone to failure.

Common problems with simple solutions

Each of these common issues have simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.

If you are in South Australia and need help securing your IT system, give DP Computing a call on 08 8326 4364 or at support@dpcomputing.com.au.

Have You Been Hacked?

Posted on by
Reply

Being hacked is the single biggest fear for most computer users. Many people believe the first sign of strange behavior or errors on their PC is a sign of being hacked. But are hackers really inside your machine, roaming around madly and stealing your information? Or should we be on the lookout for other more subtle signs? What does being hacked really look like and what can I do to help prevent it happening?

There is an important distinction to make between being attacked by a hacker and being infected with a virus or malware. Virus software and malware are automated processes designed to damage your system and / or steal your data. There are of course ways that we can defeat these processes, but what if we are instead being hacked and what are some of the signs?

Passwords not working

One of the first steps a hacker might take is to change your computers login passwords. By doing so, not only do they ensure future access to the machine, they prevent you from accessing the system to stop them. For the hacker, this is a crucial step that keeps them in control. With this in mind, we always want to make sure to keep on top of our own login details and how often we change them.

Security notifications from online services

A lot of online services track which device and location you logged into your account from last. If your account is accessed from a new device or a different country it might trigger an automated email or SMS asking if this new login is from you.

If you have just logged into a service from a new computer, tablet, or phone; receiving an email that asks “hey, is this you?” need not be cause for alarm. If you haven’t, it may be time to investigate further. This feature is a very important part of information security and may be a key first step to identify someone else gaining access to your account.

Bank accounts missing money or strange transactions

The end goal for the majority of today’s hackers is typically to profit from their crimes by taking money from people online. As such, it pays to keep a regular eye on your financial transactions to make sure you know what money is coming and going from your account.

You may see a large sum missing where hackers have attempted to take as much as they can in a single transaction. On the other hand unknown or unusual small transactions may be attackers testing the login details they have, to confirm that they work.

Loss of mobile phone or land line connectivity

Phone interruption is a symptom that few people expect but can occur when hackers attack. Many banks and online services use a security feature known as two-factor or multi factor authentication (2FA or MFA). They do this by sending a code to your phone or app when you log in, you then have to enter this code to confirm who you are.

Hackers can try to work around this by calling your phone provider to report your phone as lost or stolen. During this call, they will request your phone number be transferred to a new sim card or redirected to another number that they control. When your bank sends its regular two-factor authentication code to the number registered, it goes instead to the hacker who then can log in. From your perspective the phone service will simply stop working, so if this happens contact your provider ASAP.

Social engineering

Another technique that may not even include a technical method is called social engineering. Social engineering is when hackers try to obtain confidential information by manipulating people to freely give them this information. This can be done in many different ways. Some examples are:

  • A strangers phones your office and may pretend to be a customer or supplier but asks for personal or confidential information.
  • A person claiming to be a supplier contacts you and asks you to change the bank account you send payments to.
  • Some one attends your premises for some reason but you have no prior knowledge of who they are or why they are they are requesting access.
  • Some one phones and claims to be from the technical department of your ISP or maybe even Microsoft and requests remote access to your computer.
  • You receive an email claiming to be from the boss or management asking you to do something which doesn’t seem right – like purchasing iTunes vouchers or asking to authorize payment to a new supplier.

Keeping vigilant and maintaining security

These are only some of the techniques that hackers can try to use to gain access to your systems and accounts. It pays to be extra vigilant and pay close attention to the signs and signals that indicate you may have been hacked. It may als

If you suspect that you might have been hacked, or would like help to prevent hackers in future and are located in South Australia, give us at 08 8326 4364 and we will improve your security.

How Losing a Mobile Device Can Put Your Business at Risk

Posted on by
Reply

Lost device

Losing a mobile phone, tablet or laptop is something that everyone dreads. The expense and inconvenience of buying a new device is unpleasant, but the replacement costs only represents a fraction of the damage done when a device is misplaced. The cost of the data contained within every device can add up to many times more than the total value of the device itself.

Along with any data on the device you may use automatic login to your email and other online services. Each of these services is vulnerable to an attacker having possession of your device.

Saved Usernames and Passwords – Users often click on the link to save the passwords in their browser for sites they regularly visit. While this makes things simpler for the user it also makes it very easy for someone else with access to your device to login to your online accounts.

The problem can multiply where a single password or a combination of similar passwords have been used across several accounts. In these situations an attacker need only gain access to a single one and reuse the same credentials across many sites and services.

Email – Email accounts are a key target for attackers looking for access to your business and / or personal information. It is a service that we all take for granted, setting up the device and using automatic login every time afterwards.

It is a service that also unlocks a great deal more than just the email messages as with email access a malicious user can gain access to many of the most commonly used web services online. Using the “forgot my password” button on many websites triggers an email with a password reset link to the email address registered on file. An attacker may use this feature to reset account passwords. Doing this both grants themselves access to your account and denies you access to it.

Contacts – One of the best features of SMS’s and instant messaging is that your contacts know the message is coming from you. When a message is sent from your device to someone you know it displays along with your name, details and maybe even a photograph.  With contact information already programmed into a device an attacker has an opportunity to impersonate you. Using your identity, an attacker may attempt to steal yet more details about you and your contacts.

Social Media – Your social media accounts can often be the face of your brand and are a primary way to reach out and contact customers. They are also extremely vulnerable to being hijacked from a stolen device. Fraudulent social media access allows attackers to harvest both client and business data. Even without profiting directly, posting information on a social media account can cause irreversible damage to a business.

Protecting your business – Services, accounts, and entire businesses can be put in great danger by something as simple as misplacing an unsecured mobile phone or laptop computer. Remember to always put passwords and security measures on all devices.

We can help you to stay secure and remain in control even when losing a device. Give us a call at 08 8326 4364 or support@dpcomputing.com.au and let us help secure your business.

Does Your Office Need Business-Grade WiFi?

Posted on by
Reply

Business grade WiFi

In today’s business world, having great WiFi isn’t a luxury – it is a necessity. For some small businesses, consumer grade WiFi may be sufficient (especially if it is not widely used), but with the explosion is usage of mobile devices many find that business-grade WiFi is more appropriate. As companies grow, there becomes a tipping point where business-grade is necessary. So how do you know if your business is ready for business-grade WiFi? Ask yourself the following questions to find out.

How many devices use your Wireless Network?

It used to be that a few laptops connected to your WiFi network, but that is no longer the case. With the rise of portable devices such as smartphones, tablets and other devices  each person may be connected to your wireless network from several devices. Consumer-grade hardware is designed for just a few people (ie the small amount that typically live in a single household) but can not manage larger amounts of users and all of their devices. This is especially true for sustained concurrent usage. Remember that your employees aren’t the only people who expect to be able to connect to your WiFi. One of the first things visitors and customers typically do is look for a WiFi network to connect their smartphones to.

What is the size and area of your workspace?

The number of access points you will need for your business is dependent on the amount of physical space that needs to be covered, the shape of the area, wall material and the number of users / devices. In smaller spaces, consumer-grade WiFi may be good enough. Larger, oddly shaped spaces benefit from business-grade. If your building’s walls are made of brick, cinder blocks, or cement, you likely need more access points than buildings made of other materials. Make sure you have a strong connection from all locations. It is annoying to only be connected to wireless in certain areas of a building and find yourself in a deadzone one step later.

Access points for business-grade WiFi tend to be more powerful and flexible. For example, some business WiFi systems can move Wi-Fi devices from a crowded access point to one that is less busy. By doing this, everyones access remains consistent. If you foresee your range needing to increase, such as renting out more space, it is much easier to add more access points to a business-grade network than consumer-grade one. Businesses that anticipate scaling up soon are better off with business-grade WiFi.

Do you want guests to have the same quality Wi-Fi as workers?

In households, where consumer-grade WiFi hardware is used, all users share the wireless network equally. In a home environment, if children are slowing down the internet with Netflix or video games, it is not a big problem. However, a choked business WiFi can cause a lot of problems. Business-grade WiFi allows you proper network management. You can assign a designated amount of bandwidth to different users so they are unable to clog the entire connection. You can also allow visitors internet access without giving them unlimited access to your local network.

How much does the internet affect your employees’ productivity?

For some companies, workers only use WiFi for a few quick tasks. With these types of businesses, if the internet is slow, it won’t have a big impact on how much work your employees get done and consumer-grade wireless might be a good choice. For other companies where there isn’t much people can do if the WiFi isn’t working well then a business grade connection is essential. WiFi troubles can also lead to frustrated and unhappy workers.

Strong WiFi is a necessity for all businesses. This is especially true for larger businesses that connect a lot of devices (from both an employees and visitors perspective) and have a large work area. Also for those where employee productivity depends on a strong connection. The goal is to keep your business-critical technology running smoothly. Consider carefully whether consumer-grade Wi-Fi or business-grade Wi-Fi is the best choice for your business. When you ask yourself the questions above, the answer should become clear.

If you are in Adelaide, South Australia and your business’s wireless network is struggling then give us a call on (08) 8326 4364 or via email at support@dpcomputing.com.au to discuss a solution.

7 Ways To Keep Your Systems Secure

Posted on by
Reply

eBook - Business Security Guide - 7 Ways to Keep Your Systems SecureCyber-attacks on your business can be crippling, but there are easy ways to keep the bad guys out. We have written a great eBook listing 7 simple but effective ways to reduce your risk of malware or hacking.

Click here to subscribe to our monthly newsletter and access your copy of this book – don’t worry we won’t share your details and you can unsubscribe at anytime.

If you are already a subscriber and would like a copy please email david@dpcomputing.com.au.

You will also receive a free copy of our other great eBooks including the following so sign up now!

  • 5 Reasons Your Business Needs Office365 Today!
  • Is Your Old Tech Dragging You Down?
  • Spectre and Meltdown: How you’ll be affected.
  • 10 Tips to Stay Safe Online
  • Digital Transformation – What’s In It For You?

As always, if you want to talk about ways you can save on your IT, give us a call on 08 8326 4364 or support@dpcomputing.com.au.

Why Multi-Factor Authentication is Important

Posted on by
Reply

2FA and MFAYou hear about hacks all the time in the news. Major websites have had data leaks and lost their users personal information. Computers get infected and malware saves your login details for bank accounts and credit cards. In the worst cases, identity theft occurs because it is an easy crime to commit and has a high reward.

In the past, passwords could be used to keep the bad guys out of your accounts but a single form of authentication is not enough anymore. Cyber hackers have a variety of methods including phishing, pharming and keylogging to steal your password. Also togdays computers have the power to test billions of password combinations.

To make things worse the majority of people use the same password for several websites. That means anybody who has figured out that password has access to multiple accounts that you own. In a time when it is extremely easy to look up what a persons pet is called or their maiden name is, security questions aren’t much help.

Consider how a bank operates. They don’t simply keep their valuables locked away with one key. There are alarms ready to be triggered, motion detectors and even bars on the windows. Your data is valuable and you need more than one line of defense to protect it.

In the computer world, your second line of defense (after your username and password combination) is called “2-factor authentication” (2FA). Sometimes it is referred to as multiple-step or multi-factor verification (MFA). 2-factor authentication is a way to double check a person’s identity. This can be enabled every time a person logs in or just under certain circumstances. For example, signing in from a new device or different country might trigger 2-factor authentication.

Many of the services you may already use, such as Facebook, Gmail, Office365, Xero Accounting, and more, have 2-factor authentication options. If your bank has ever sent you a special code through text or email to enter before logging in, you have already used a type of 2-factor authentication. They can also be in the form of a app on your phone or a small electronic dongle.

MFA is absolutely crucial for online banking, email, and online shopping such as Amazon or PayPal. It’s also a must-have for cloud storage accounts (like Dropbox or Sync), password managers, communications apps, and productivity apps. This is especially true if you frequently use the same passwords for different websites and apps.

Some may consider MFA unnecessary for social networks accounts, but these are actually very important to keep safe. For ease, a lot of websites and apps allow you to sign up through your Facebook or Twitter account. You need to keep these networks safe so that somebody with your password can not suddenly get into every account you have linked.

The point of using MFA is to make hackers’ lives harder and prevent them from easily getting into your accounts. If they have captured your login username and password, they still need a second method to get in, especially when the computer or phone they are using has never logged into your account before. This makes it much harder for anybody to breach your account.

Plus, if you receive a notification with a special code to enter for logging in (and you weren’t trying to log into that account), you have a good signal that somebody else was trying to get in. That means it’s time to change that password and be grateful you had MFA configured.

It is unfortunate that there is currently an abundance of skilled hackers ready to take advantage of those unprepared. Luckily, you can still stop them – even if they have your login information at hand. MFA is one of the easiest methods to keep your accounts safe.

Give us a call at (08) 8326 4364 or via email on support@dpcomputing.com.au to help secure your business and accounts.

It’s Official: Your Website NEEDS to Use HTTPS

Posted on by
Reply

HTTPSYou may have noticed many business websites now have a green padlock in the address bar next to the letters ‘https’. Until recently, you would have only see that on shopping or banking sites, but it is now become the expected norm for all business websites – even if you don’t need users to log in or enter credit cards. Simply put, the ‘s’ in https stands for secure and means any data sent and / or received by the visitor is encrypted.

Clearly, this is an essential feature for e-commerce sites, but why have all the info-only websites started using https too?

The New Google Rule

As of July 2018, Google will mark your website as insecure unless you use https. It is a movement they started a few years ago to make the internet a more secure place by default. Since Google pretty much rule the internet search and increasing security is always a good idea, business websites have been gradually switching over. Without https protection, someone with access to your internet connection, whether from digital eavesdropping or hacking, could intercept the information. They could also place malware onto otherwise legitimate sites and infect innocent visitors. That is why eighty-one of the top 100 sites online have already switched to https and a very large majority of others are following suit.

The Browser Bar Says It All

In the same way a green padlock in the browser bar indicates a trustworthy site, you can expect that non-https sites will be marked with a “not secure” warning. Previously, users had to click an information symbol to actively investigate the security status of sites. This shift to plain sight markers will be most noticeable on Chrome, however it is expected that other browsers will follow suit. Future visitors to your site may then be alarmed by seeing that the connection isn’t secure.

The fact that you may not be asking them to log in, enter personal details or payment is irrelevant as perceptions matter. Eventually that warning will be changed to an alarming red as Google declares war on insecure sites. As the common understanding is that a warning is bad, you may get more visitors bouncing straight away or even contacting you to report that your site has a problem.

Boosts for Secure Sites

Google is also taking its commitment to safe web browsing further by favouring https websites. This means that Google’s search algorithm is taking your site security into account, preferring https results. Since https status get preference in search results, you may find yourself climbing in the ranking while other businesses drop. It really is a win-win situation for you to implement https..

How to proceed?

It is a little more complicated than just changing a setting within your web hosting environment. You have to order an install a SSL (Secure Sockets Layer) certificate and then install it within your hosting environment. The easiest way to do this is to contact your IT technician or web developer, as they will be able to make sure that it is all done correctly and thus will keep Google happy.

We can help secure your website by migrating it to https – contact us today at 08 83264 364 or support@dpcomputing.com.au.