Website security for recruiters.
This week I happened to check out one of our customers’ websites, and was surprised to discover that, when I Googled their site, I found lots of pages in what looked like Chinese characters. I called them and broke the bad news that their website had been hacked.
A few days later, another check on another customer website, and I found another hacked website.
Two hacked websites found within a few days by random chance. I suspect, if I checked our other customers websites, I’d almost certainly find more.
Website hacking is now extremely common and the vast majority of it is due to one simple mistake that is really easy to avoid.
One easy fix
40% of the worlds websites run on WordPress, and for good reason. WordPress is really good. It’s also very secure – provided you keep it up to date. Unfortunately, for my two customers, they didn’t keep it up to date.
When updates are released for security reasons, they do two things. Firstly, they fix security vulnerabilities, and secondly, they tell hackers about the security vulnerabilities of the previous version. If you don’t keep WordPress itself, your themes and plugins up to date, you are an open door to hackers. Hackers automatically search the web for these open doors and can hack sites with ease.
The good news is that in most cases, updates can be set to happen automatically as soon as an update is available. But yet, so many people don’t know this and so they leave the door open.
This week I’ve been working on a new video blog series on Data Privacy for recruiters. I hope to have my first instalment available on my blog next week. If you would like me to email you when it’s available, then please subscribe to my mailing list here or click on the subscribe button on this website.