April 2022: With the UK parliament’s second reading of the Online Safety Bill taking place this month, it’s a good time to think carefully about what online safety means today.

Much has been written about cybersecurity since the early days of the web, but there’s no denying that the stakes are now higher than ever before, especially as we share more and more personal information online. Further still, the growth of YMTL (your money or your life) sites, the gradual diminishment of brick-and-mortar retail, and the proliferation of online misinformation are all factors that make the case for strong online security even more important.  

Spotting opportunities to profit, unscrupulous individuals and organisations have escalated their efforts to exploit vulnerabilities in online systems, whether they’re using exploits from outdated software or attempting social engineering to take advantage of unsuspecting users.

So, how can businesses protect their online profiles and, crucially, protect the data of their customers? Cloud hosting experts, Cloudways, have detailed cost-effective and easy solutions for website owners and SMBs to protect themselves and their customers online today. 

There are two main ways in which businesses can adapt. The first involves relying on employee expertise, assembling teams of cybersecurity experts to manually monitor and maintain their systems. However, for many SMBs this can be too expensive, complicated, and increasingly impractical due to a dearth of qualified professionals.

The second, more realistic, solution for the average SME, involves implementing cloud services that have the required security features and limitations baked in. This is much more cost-effective and doesn’t need companies to understand the technicalities behind the technology, just rest assured that your website is being protected. 

But what targets are they trying to reach?

The letter (and spirit) of cybersecurity legislation

Even if we temporarily leave aside the demands that may result from the implementation of the Online Safety Bill, we must contend with two key established areas of compliance: PCI (Payment Card Industry) and GDPR (the General Data Protection Regulation).

While the GDPR is a piece of EU legislation, applying to businesses based in the EU and EU customers of non-EU businesses, its arrival set a standard that the rest of the world is now expected to meet. In general, it’s better to focus on delivering worthwhile cybersecurity instead of just meeting expectations: better for customers, and better for loyalty.

Both payment and data compliance require websites to closely guard against unauthorised access and minimise their storage of financial information. This is something that a CDN like Cloudflare can help with: routing all activity through a protected system obscures it and makes it all but impossible for hackers to interfere.

What should you do to protect your customers?

There are five key actions that a modern business should take to protect its customers:

1. Guard against social engineering tactics. The more you commit to system-level security, the more you nudge potential hackers towards targeting your employees, and they need to be ready. Covering tactics including phishing, pretexting and tailgating will teach them how to operate securely on a consistent basis.
2. Invest in customer data and password encryption. In the unlikely event that someone gains access to your data, they shouldn’t be able to usefully interpret it. Using a strong firewall (such as that of Cloudflare) will block common threats and attacks aiming to steal your data. 
3. Keep all software updated and cooperating. The longer a software version is in use, the more likely it is that a vulnerability will be uncovered. Updating your core software whenever possible (along with any themes and plugins) is essential.
4. Have comprehensive backups in place. If something goes awry and you fear that you’ve experienced data loss or your website has been injected with malware, you mustn’t continue in the hope that you can fix it. Instead, you should revert to a trusted backup.
5. Communicate clearly and honestly. Your customers rely on you when it comes to cybersecurity. If data ever leaks, it’ll be your responsibility to inform them so they can take appropriate action (changing their passwords, for instance). Staying quiet isn’t advisable since they’ll find out eventually and will feel aggrieved by your silence.

Why the Cloudways/Cloudflare integration is an invaluable asset

Three of the five key actions we’ve identified involve system-level protections. Cloudways already offered a superlative managed hosting experience, so the free and easy addition of paid-tier Cloudflare features has established a hyper-compelling hosting package. Deploying this system gives you an optimised blend of speed, reliability, accessibility, and security.

Santi Costa, Chief Marketing Officer at Cloudways, had the following to say:

“Even if there were enough cybersecurity professionals to cover all threats, they wouldn’t be affordable for typical SMEs. This puts the onus on system-level security. Our objective with Cloudways has always been to take care of key concerns — including (but not limited to) security — so even the smallest companies can deliver exceptional user experiences without enormously increasing their costs or adding to their daily workloads.

“Following the launch of our Cloudflare integration, we’re more confident than ever that we bring more to the table than our competitors. Our customers can now proceed with the knowledge that their systems will protect their sensitive data and deflect online attacks, and they don’t need to pay anything more for this improvement.”

With the Online Safety Bill being floated in the UK, and comparable pieces of legislation cropping up elsewhere in the world, it’s clear that cybersecurity standards are only going to increase in the coming years. To stave off attacks and keep up with the competition, businesses everywhere must invest their time and resources accordingly.