Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sucuri Webinar: Website Security Primer for Digital Marketers

245 views

Published on



During this webinar, Alycia will explain how marketing professionals can easily add security to their diverse toolkit. This skill helps organizations prepare for incidents and prevent others.

Reputation management falls on marketing. By championing the protection of web content, marketers can uphold their company’s reputation and make the web safer for everyone.

Published in: Marketing
  • How to use "The Scrambler" ot get a girl obsessed with BANGING you... ◆◆◆ http://t.cn/AijLRbnO
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • My special guest's 3-Step "No Product Funnel" can be duplicated to start earning a significant income online. ●●● http://ishbv.com/j1r2c/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Real Money Streams ~ Create multiple streams of wealth from your home! ★★★ http://scamcb.com/ezpayjobs/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Sucuri Webinar: Website Security Primer for Digital Marketers

  1. 1. Website Security Primer for Digital Marketers SUCURI WEBINAR Alycia Mitchell Digital Marketing Manager
  2. 2. Housekeeping Items • • • • • • •
  3. 3. WEBINAR PRESENTER @artdecotech Alycia Mitchell Digital Marketing Manager
  4. 4. WEBINAR PRESENTER A little about me • • •
  5. 5. In this webinar you will learn: • • •
  6. 6. Marketers are in agreement Content is King … so who is guarding the king?
  7. 7. Whose responsibility is website security? Those are DDoS bots out there! LET’S GO MITIGATE THEM!
  8. 8. Source: The T-Shaped Web Marketer by Rand Fishkin Tweet #AskSucuri to @SucuriSecurity
  9. 9. Jono Alderson, YOAST The Democratization of SEO
  10. 10. Jono Alderson, YOAST The Democratization of SEO
  11. 11. Marketing Nightmares Hey marketer, want to install this plugin to increase your SEO rankings? They all rank organically down here! Imagine the following scenarios…
  12. 12. Distributed Denial of Service (DDoS) attacks. Downtime due to
  13. 13. Blacklist Warnings by major search engines and antivirus vendors.
  14. 14. Malicious Redirects sending mobile visitors to porn websites.
  15. 15. advertisements, phishing pages, and drive-by downloads. Malicious
  16. 16. A hacked site can also affect your rankings and search engine metadata.
  17. 17. Marketers Are Primed to Understand • Web development languages • Crawlers and bot behavior • SSL certificates and HTTPS • Redirects • Referral traffic • IP networking • Analytics and logs Tweet #AskSucuri to @SucuriSecurity
  18. 18. Black Hats White Hats
  19. 19. BLACK HAT Hackers Exploit security weaknesses for malicious purposes. BLACK HAT Marketers Bully people into buying their products.
  20. 20. BLACK HAT Hackers Exploit security weaknesses for malicious purposes. BLACK HAT Marketers Bully people into buying their products. WHITE HAT Hackers Identify security issues so they can be patched. WHITE HAT Marketers Shine a light on a problem and offer solutions.
  21. 21. Privacy and Compliance • GDPR, CAN-SPAM, CASL – spam laws • PCI DSS – ecommerce • “Not Secure” - warnings in Chrome • SSL as a ranking signal in Google search Tweet #AskSucuri to @SucuriSecurity
  22. 22. SSL does nothing to protect the website from being attacked. Don’t get me wrong. Encryption is a good thing. It protects passwords, credit card data, form data... Tweet #AskSucuri to @SucuriSecurity
  23. 23. Only a WAF can protect the website from being attacked (see more on this later…) Tweet #AskSucuri to @SucuriSecurity
  24. 24. Google Safe Browsing Transparency Report Tweet #AskSucuri to @SucuriSecurity “Compromised sites: These are legitimate websites that have been hacked to include content from, or to direct users to, sites that may exploit their browsers. For example, a page of a site may be compromised to include code that redirects a user to an attack site.”
  25. 25. The internet is getting more complex. Tweet #AskSucuri to @SucuriSecurity Bots API Plugin Scripts
  26. 26. We can hope that white hats will find the vulnerabilities first. We can also take steps to prevent a compromise. Here’s Vulnerability!
  27. 27. What is Website Security? • • • Tweet #AskSucuri to @SucuriSecurity
  28. 28. Tweet #AskSucuri to @SucuriSecurity Monitor and Audit Your Web Properties Marketers know logs and monitoring are important. • Spreadsheets, reports, analytics • Social monitoring and Google Alerts • Early detection and responsiveness Now, apply these same concepts to your website integrity. Tweet #AskSucuri to @SucuriSecurity
  29. 29. Verify Domain Ownership for Alerts Tweet #AskSucuri to @SucuriSecurity
  30. 30. Google Search Console Security Issues section shows any warnings. Tweet #AskSucuri to @SucuriSecurity
  31. 31. Tweet #AskSucuri to @SucuriSecurity Scanning for Malware and Security Issues You can scan your website with our free tool: sitecheck.sucuri.net We check for blacklists, outdated software, code anomalies, and known malicious payloads. Note: Remote scanners have limited access and results are not guaranteed.
  32. 32. Tweet #AskSucuri to @SucuriSecurity User Access Logging Do you have a way to know if one of your website administrators suddenly logs in from a strange location at 3AM?
  33. 33. Tweet #AskSucuri to @SucuriSecurity Guide: How to Use the WordPress Security Plugin Sucuri WordPress Plugin https://wordpress.org/plugins/sucuri-scanner https://sucuri.net/guides/how-to-use-the-wordpress-security-plugin
  34. 34. Tweet #AskSucuri to @SucuriSecurity
  35. 35. Protect Your Website from Attacks There are two ways websites get hacked: Tweet #AskSucuri to @SucuriSecurity Exploiting a Software Vulnerability Compromising User Access Control
  36. 36. Tweet #AskSucuri to @SucuriSecurity How to Lock Down Access Stronger Passwords 2FA (Two-Factor Authentication) Principle of Least Privilege Tweet #AskSucuri to @SucuriSecurity
  37. 37. Tweet #AskSucuri to @SucuriSecurity How to Prevent Vulnerability Exploitation Apply software updates ASAP • Patches security holes • Requires you to be a step ahead of the black hats Activate a web application firewall • Blocks zero-day attacks and unpatched vulnerabilities • Mitigates DDoS attacks • Backed by security researchers • Bonus content delivery network (CDN) Tweet #AskSucuri to @SucuriSecurity
  38. 38. Tweet #AskSucuri to @SucuriSecurity Creating an Incident Response Plan • Backups of everything • Documented emergency response plan • Roles and responsibilities • Vet any vendors before you have an issue Tweet #AskSucuri to @SucuriSecurity
  39. 39. Tweet #AskSucuri to @SucuriSecurity Using a backup to reverse a hacked site? Make sure you have reliable backups • Automatic • Secure off-site storage (never on the same server as your website) • Redundant copies • Proven and tested recovery Be sure to restore a backup from before hacker gained access, not just before the symptoms showed up. • Backdoors are often placed weeks in advance of the payload. • If you restore a copy with a backdoor, you’ll be reinfected. • 71% of hacked websites contain backdoors. Tweet #AskSucuri to @SucuriSecurity
  40. 40. Who you gonna call? • Can your IT team identify the latest PHP or JavaScript malware? • Who is responsible for getting a hacked site fixed? • How will you deal with downtime or scared customers? • Do you know which professionals you would call in a pinch? • Sucuri offers free DIY guides for cleaning hacked sites and removing blacklist warnings.
  41. 41. Tweet #AskSucuri to @SucuriSecurity Dealing with Google Blacklist • Blacklisted sites lose at least 95% of their traffic. • Once your site is clean, you can request a review in Google Search Console (Sucuri does this for you).
  42. 42. Tweet #AskSucuri to @SucuriSecurity Welcome to the club! • Marketers shouldn’t do this alone, but they should speak up about it. • By working with the IT counterparts within their company, marketers can greatly improve the security posture of the brand. • Marketers should champion these initiatives and get them prioritized by their business development team.
  43. 43. Tweet #AskSucuri to @SucuriSecurity In Conclusion
  44. 44. v Security is everyone’s responsibility and is inherently tied to trust.
  45. 45. Marketing thrives on trust – and suffers a quick death if it is lost.
  46. 46. The internet needs intelligent and passionate people to raise awareness.
  47. 47. Marketers are resourceful enough to step up to the plate.
  48. 48. Q & A Alycia Mitchell You can reach me at alycia@sucuri.net

×