This week – and last week and probably next week – we’re all about security, Ramping up the security on all of our websites. We’re hot on security, and as a matter of course, when we work on a website, we always update plug-ins and themes and carry out lots of general maintenance, which clients wouldn’t necessarily know about. But not every single website we design and host is updated regularly, and this means that sometimes there are inevitable vulnerabilities – and these are exposed by older websites, sites with many plug-ins or sites where clients are reluctant, for whatever reason, to address site clean ups and updates. However, any site – regardless of age, size, design – can be hacked and malicious files inserted. We have recently been dealing with such a situation with an e-commerce website. Through meticulous investigative work, and swift deletion of infected files, we have worked though the issues and have secured the site.
In ignoring small issues, these can grow and can affect not only your website, but the websites of other clients, as they are all hosted in the same place. Most clients have been very responsive to the MOT service we have recently introduced, and this has certainly helped us to ensure that a lot of our sites are completely up to date, security wise. But we still have a number of sites which are potentially vulnerable as we haven’t been given the go-ahead to do the work. In initially offering this new service, we saw it as an “add-on”, an extra layer of security, to the measures we take as a matter of course. But, recent events have shown that in terms of online security, all sites need to be as secure as they possibly can be. There is no guarantee of finding out where malicious files have been able to gain entry on any particular website, so we need to ensure that every single website – e-commerce, WordPress driven, older websites or newly designed – are as robust as they possibly can be, and this is what we are currently working on.
We have recently been asked a question by a client, regarding the MOT service, for which we charge a fee of £45. “Is this really necessary?”
The answer is an unequivocal YES.
We cannot stress enough that this is necessary. From our e-commerce sites to holding pages, we are urging clients to really understand why we are doing this service. We know that we cannot force clients to give us permission to do this. We have also tried to keep the cost to an absolute minimum but with a variety of sites, of different sizes, different builds , some with multiple plug-ins etc we have to ensure that as well as the “normal” checks we’d do when working on a website, all are as up to date and secure as they can be. And this takes time, to get it right. We are also a very small team – two of us – and so we can’t pass this over to other team members or outsource. And, ultimately, WE want to do this work, for our clients, because we know no corners will be cut. Just one vulnerable site, if hacked, can unfortunately affect every site we host and we have to seriously minimise this risk, because we have a responsibility to all clients.
So, yes, ramping up our security and charging a fee of £45 is absolutely necessary. Each MOT takes, on average, an hour to perform, and we then follow this up with a report, detailing exactly what has been done and making recommendations, as necessary. This cannot be done free of charge, unfortunately, as it is also our time and skills, things we actually value quite highly. And believe us, if we were just out to screw clients out of a bit more money, we’d have set the cost quite a bit higher than £45…