“An ounce of prevention is worth a pound of cure.” – Benjamin Franklin
There are many headaches associated with running a small business in Connecticut. Payroll. Taxes. Bookkeeping. Many of them are unavoidable. This post is about the avoidable mistakes that I’ve seen in the 20+ years I’ve been helping small business owners with their marketing. I hope that you are able to take something away from these suggestions to help you avoid a headache in the future. And trust me, headaches related to your digital assets – your domain, email, website, and more – are pretty awful
Protecting your digital assets should be just as important as keeping your offices locked, having backups for your office computers, and paying your lease or credit card bill each month. Here are the major areas that I think you should examine or talk to your web developer, marketing person, or IT person.
Back-Up Your Website. 2 Ways – And Check Them
Just as your computer is prone to data loss through factors such as damage or hacking, so is your business website. Hopefully, your work computer(s) have a backup system in place. Ideally, you’ll have a local backup and on offsite backup in case of fire, water damage or some other situation that compromises your offices.
Backing up your website requires a similar approach. If something does go wrong, having a backup means you don’t have to start from scratch, which is a painful and expensive process. Having a regular website backup with a copy of your site data allows you to easily restore your site. I suggest having two backups, one might be provided by your hosting provider, but the other should be an off-site backup where the file is stored in a location you control (e.g., Google Drive or Dropbox folder). I tend to use a plug-in on my WordPress sites called UpDraft, though there are several plug-ins and third-party services you can consider. I’ve had a few clients have an issue with the billing from their hosting provider and lose their site AND the hosting-provided backups, hence the off-site backups. There are several ways to configure your backup setup.
- Manual backup – creating a copy via a web hosting control panel or using file transfer protocol (FTP).
- Automatic backup – scheduling a backup to run at regular intervals – daily, weekly, or monthly. This is usually accomplished through a 3rd party backup service or plugin.
- Cloud backup – the cloud provides an ideal place to back up your site, regarded as more reliable than other backup data and recovery systems.
My configuration looks like this:
- WordPress backup using Updraft. Scheduled to run daily and backup to either a DropBox or Google Drive account. The system is set to keep 2 or 3 copies.
- Automatic nightly backups provided by the hosting provider
- Each month I confirm that the UpDraft backup is working properly. Errors can occur, so you want to check to make sure the backups have completed successfully.
Take a moment to explore your backup options and make adjustments as you need.
Keep Your Information Updated and Check Them Annually or Bi-Annually.
I have had clients encounter major issues when their credit card information expired on one of their accounts and that account had an old email address on file. Confirming your company registration, email, and credit card details are up to date is a good business practice in the digital age. If the email your hosting company or registrar (think GoDaddy or Network Solutions) is outdated or one you don’t check frequently, you might miss an important email about an upcoming renewal or that the billing information on file has expired.
I suggest keeping all of your accounts listed in a spreadsheet organized by business, the login email/username, the password, and what credit card is on file (and it’s expiration date!). Then, at least once a year, confirm that information is correct. In addition, if your credit card is compromised, replaced, or updated, be sure to go in and change the information on all of your accounts. Most of these systems will send you an alert or two that there is an issue processing payment, but then they may shut down your account. This can result in a website not showing up any longer or worse. I’ve had clients lose their entire websites (and backups) and control of their domains from these issues. My advice? Don’t wait for them to notify you that there is a billing issue. Use your spreadsheet to go through your list of accounts to make any changes. My spreadsheet looks like this:
This advice is true for most of your accounts, this includes items like:
- Your online bank accounts – to guard against fraudulent transfers.
- Your passwords – make sure you have a separate, secure password for different sites.
- Email addresses – to ensure those linked to your online accounts are still in use.
Many of these businesses communicate via email to alert you of an issue. If you don’t get an email alerting you to a problem, you could end up in hot water.
Security for Email and Your Website
There are many ways in which your accounts can be compromised. Websites can be hacked, emails can be spoofed or phished. Your email provider or IT company can talk to you about what steps you can take to protect your email accounts. There are basic items like having strong passwords in place as well as additional security to scan emails and talk to staff about not clicking on attachments from unknown senders.
As a marketer, I’ve received some emails that looked legitimate but were odd enough that I didn’t respond immediately. One email was from someone who said they were looking for a website but also wanted to let me know that they were deaf and would only communicate via email. They went on to ask if they could pay me via credit card. It didn’t register as odd to me until I received a second email with the exact same wording from another email address. At that point, I took a few sentences from the email and entered them into Google. Suddenly, I found several listings talking about this phishing scheme and what happened when the contractor had responded to these emails. An ounce of caution here prevented a pound of pain…
Websites can be hacked as well. Sadly, WordPress is a favorite target of hackers, probably because WordPress is an incredibly popular platform to build websites with. There are several steps you can take to protect your website including:
- Don’t use the username “admin” for any user
- Assign strong passwords to all user accounts
- Delete any unused user accounts
- Install a security plug-in like WordFence or iThemes Security Pro and configure it properly. I prefer the iThemes product, it seemed to be a bit less eager to alert me about every security issue.
- Make sure to keep your theme and plug-ins updated.
When should I work on these projects?
Take an hour to pull all of this information together. It may be a bit of a scavenger hunt. Still, I’ve seen too many businesses find out too late that they don’t know a vital login or that the person who set everything up is no longer with the company and can’t be reached.