Small business owners are just as vulnerable to website security hacks as big companies, a new report found. And the risks of vulnerability go far beyond online downtime.
According to GoDaddy’s Small Business Website Security Report, a commissioned research and analysis of over 65,000 infected website cleanup requests from small business customers, due to limited budgets and knowledge of online security, small business owners fail to prioritize protection of their business websites.
What they don’t realize is that by doing this, they’re actually risking even greater financial losses.
“We refer to this as the small business website security paradox—small business owners lack the knowledge and their perceived notion of funds needed to more fully secure their website,” said Tony Perez, general manager for security of GoDaddy. “But once the website gets hacked, it can lead to significant financial loss due to its effect on business reputation.”
Once a website gets hacked or infected with malware, which are the common problems small business websites face, the effects can go beyond just downtime. Companies such as Google and Norton flag an online portal as dangerous once they detect that it has beencompromised. This action negatively affects traffic to a website and eventually can make it invisible online.
Google blacklists more than 10,000 websites a day. And getting off that blacklist is not easy.
Worse, if malware is present on a website, it can be even easier for hackers to explore its vulnerability.
Other key findings of the report reveal just how much it can affect business growth:

  • Of the 1,000 micro-businesses surveyed, nearly half reported suffering a financial loss due to hacking.
  • Three out of 10 small businesses who suffered a cyber breach reported they had to inform customers and clients.
  • It’s not enough to clean up compromised files, hackers regularly create ‘backdoors’ on a compromised website, so they can secretly re-enter a platform even after a file cleanup.
  • Malware/computer viruses and phishing are the most common types of attack & can target any aspect of a business.
  • SEO spam is also popular among hackers. Hackers go into a website’s keywords and add malicious links, and often, small business owners aren’t aware this is happening.
  • Of the 65,000 global website cleancup requests, half involved outdated software on the most commonly used platform and tools, including plug-ins on WordPress and other popular content management systems (CMS).

What can small businesses do?

Only half of businesses surveyed use a monitoring service to stay on top of their site’s security, with most relying on an effective password strategy. While it’s true that cybersecurity measures aren’t hacker-proof, it’s a good idea for small businesses to start to focus on keeping their business website better protected from potential downtime.
“Cybersecurity is not about preventing a risk. That isn’t yet possible. It’s about reducing the risk. It’s understandable that very small business operators handle a lot and it’s hard to make website security a priority. But taking even modest steps can make a difference,” Perez said.
GoDaddy recommends small business owners invest in a website security monitor service to keep an eye on any red flags or warning signs with 24/7 monitoring, deploy a website application firewall, and register with Google’s webmaster tools which alerts when there is an issue with the website before negatively impacting how it shows in search results.