Google's Matt Cutts on Website Security
There have been thieves since the dawn of humanity. Imagine angry little cave people running around and stealing rocks from each other. Where there is an opportunity for free gain there will probably be someone there to take advantage of it. Our technological advancements in the past few decades have created even more possibilities for thieves, giving way to hacking as a full-time job, and making theft anonymous and difficult to trace. It doesn't help that thieves and maniacs seem to always be slightly ahead of the game.
Experts are warning merchants that hacking is going to continue to rise. The consequences for security negligence will be increasingly devastating, hitting both small and large business financially. Nearly nine out of ten websites have significant security vulnerabilities, according to statistics. 86.7% of all PCI scans of clients failed with one or more vulnerabilities. And what about all of the business' who opt out of the service despite the fact that PCI Scanning is required by business' who process credit cards. PCI Scanning is effective in preventing hacking because the service actively seeks out security holes, so they can be patched before hackers enter. Website security even increases conversion rates. However, statistics prove, most websites are below security standards, and hackers are walking right into the open door.
There are thousands of security breaches across the US every year posted publicly. The targets ranging from the Navy databases to LinkedIn. At any given time one can visit privacyrights.org and browse through their current list of security breaches, or visit thehackernews.com for stories on hackers and hacking worldwide. The information is public and readily available, yet despite all of this most merchants have sub-par security and some don't have any at all. What are merchants thinking? Merchants without security are likely to face fines, and possibly bankruptcy. The PCI Security Standards Council issues fines, and/or revokes a merchants processing privileges, that alone could ruin a small business. But that's only half of the trouble; what about their reputation?
"…consumers are quickly becoming Internet savvy and they take their privacy seriously. There is nothing, and I mean nothing, that can hurt your credibility more than your customers and potential customers getting SPAM to email addresses that they provided only to you – in the best case, they will think that you sold their address. Responding that no, you didn't sell their address, but someone hacked your server and stole ALL their personal information won't make them feel a whole lot better about doing business with you in the future." According to dailystocks.com.
Online news spreads fast. In a matter of minutes the entire world could potentially hear of a site being hacked, of credit cards or email address' being stolen. In a few minutes a good name can be tarnished and destroyed or worse: nobody trusts the business anymore. Once there has been a hack, there is no going back. It could take years to repair the damages IF a business can manage to do it at all. Just look at all of the big names that went under due to security negligence. All you have to do is Google it. Security experts say the solution is simple; website security is vital for sustaining a business, avoiding financial ruin, and/or public embarrassment.
Take Web Security Seriously"Even if you're [with] a very, very good web host, even the tiniest little bit of a chink in your armor [or security] means somebody can slip through and possibly infect [your site and] a large number of your customers.
The fact is not that many people pay attention to the security of their web server [or hosting] right now.
I think they'll [hackers will] get worse on web servers [your hosting] until people start to take web security seriously on the web."
See the full video here: http://www.youtube.com/watch?v=B4ImPSPPc-A