Biggest Security Threats to Your Website in 2014

ektron infographic an THREATS TO YOUR WEBSITE IN 2014 Websites are at the center for customer interactions with your organization. Marketing departments are becoming more and more accountable for the results they gain from their website. Therefore, it is only natural that marketing technologists should be educated on common security vulnerabilities. Marketing drives the requirements for a website, but they're usually articulating business requirements, not security expectations. Due to this, results often overshadow security. Here's some of the things that your website could be vulnerable to, and how to fix them. I| INJECTION Consider anyone who can send untrusted data to the system as a command or query. This includes internal users, external users and administrators. 9387023.000101.0101_1o s08_ SENSITIVE DATA EXPOSURE Consider who can gain access to your sensitive data and any backups of that data. This includes data at rest, in transit, and even in your customers' browsers. 97% SQL of all data breaches come from SOL injections 26 of web attacks involve loss of sensitive and private data 80 f retailers and organizations that handle credit card transactions have experienced a data breach 90f businesses 86 of all websites suffered a computer hack in the past year had at least one serious security vunerability 77 f those businesses are hacked more than once SECURITY I MISCONFIGURATION Consider anonymous external attackers as well as users with their own accounts that may attempt to compromise the system. Also consider insiders wanting to disguise their actions. 000190 0019287 78% of Americans have been hacked or will 28 of web attacks be hacked in the future involve website defacement of one sort or another 75 of people use % use the same password for multiple accounts MI is the time it takes to decode a lowercase password that is 6 characters long 3 out of 4 people use the same password for multiple accounts an average of 1 trillion dollars in intellectual property is hacked and stolen in a year BE UP TO DATE PASSWORD POLICY MONITOR ON SOFTWARE AND SECURITY GUIDLINES EVERYTHING Having a software version that's up to date ensures Have a policy to follow when setting up or modifying anything on Monitoring the server for suspicious activity like the website. Ektron provides a 7 step easy to follow check list to newly deleted files or added user accounts can help that there are no legacy security vulnerabilities waiting to be breached. make sure every piece of your website is secured and locked down. you spot red flags. 111111111 HAVE A CRISIS PLAN Even the most secure of sites can have a vulnerability. Having a plan and being prepared for a worst case scenario can make recovery time quicker. ektron © 2014 ektron, Inc SOURCES https://www.whitehatsec.com/resource/stats.html http://www.indefenseofdata.com/data-breach-trends-stats/ http://www.websitedefender.com/web-security/web-hacking-facts/ http://www.stopthehacker.com/2012/04/20/ten-scariest-hacking-statistics/#.Unkn4_mko4g http://www.clubcloudcomputing.com/2013/01/infographic-on-hacking-statistics/ https://www.owasp.org/index.php/TopP_10_2013-A6-Sensitive_Data_Exposure http://www.youtube.com/watch?v=lb10X-YhAvo %24 *