925,633,824. According to IT Governance, this is the number of records breached through cyber-attacks in September 2018.
It gets even worse.
On January 3rd, 2018, a company called Aadhaar disclosed that cyber-attacks exposed 1.1 billion of their records. As shocking as these revelations sound, this is just the tip of the iceberg.
Other companies breached between January and June 2018 include Saks, Lord & Taylor (5 million records, April 3rd), PumpUp (6 million records, May 31), Sacramento Bee (19.5 million records, June 7), Ticketfly (27 million records, June 7), Panera (37 million records, April 2), Facebook (87 million records, March 17), MyHeritage (92 million records, June 4), Under Armour (150 million records, May 25), and Exactis (340 million records, June 26).
Hackers are increasingly becoming bolder and more sophisticated. Even the most stringent security measures do not guarantee your system will not be compromised. The cases cited above are all big data breaches. The situation is even worse with small data breaches that are never reported.
As dire as the situation may be, with VPS hosting, you can safeguard your company from some of these breaches. This is because the hosting environment and your website’s basic infrastructure are your main defences against potential cyber-attacks.
Your first step in protecting your critical assets is hosting your website with a reputable VPS hosting company. Other essentials of an ideal VPS hosting package include:
1. Access Control
Strictly regulate your server configuration and user management roles. Threat actors cannot harm your systems if they can’t gain access. Use strong access passwords and establish username conventions. You can do this by enforcing password strength policies and regular credential updates. Since admin passwords could cause the greatest damage if hacked, they should be the strongest. Change all passwords in case of suspected hacking or after updating your content management system.
The aim of restricting access is to regulate your server environment and fend off unauthorized entry. To minimize the possibilities of unauthorized access, remove remote access options for admin accounts. This allows only the accounts with sufficient authorization to access and manage sensitive areas.
2. SSL, Firewalls, and DDoS Prevention
Hackers do not have to infiltrate your system to cause damage. Through DDoS (Distributed Denial of Service) attacks, they can flood your website with sustained, heavy traffic with the aim of making it unusable for your visitors. A good VPS hosting company offers some level of protection against such attacks through firewalls. Firewalls also help control remote access and monitor traffic. You can use the ConfigServer Security and Firewall to manage your security and server settings. A good VPS hosting service should also provide SSL certificates.
While it is your responsibility to implement SSL certificates, you cannot do so if your VPS host does not provide them. SSL (Secure Sockets Layer) is critical when transferring data to and from a server. Although it does not protect your server from malware or attacks, it encrypts and secures communication between a site user and your server. SSL secures your customers’ information by encrypting their activities on your site. This encourages them to trust your website.
3. A Secure MySQL
A VPS hosting service without a secure MySQL environment is like a house with an open door. Anyone can gain access. A secure MySQL prevents hackers from reading server databases and stops malevolent attacks. Some of the features of a secure MySQL environment include strong passwords, stringent management of file privileges, and making sure not to run a MySQL server as a UNIX root user since this can allow users with file privileges to create files as root.
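The root-plus-file-privilege risk described above can be checked from two inputs: the server's option file and the account list. The following is an added example, not code from the original article; the sample data is constructed, the function names are hypothetical, and the account rows are assumed to come from `SELECT User, Host, File_priv FROM mysql.user`.

```python
import configparser

# Constructed sample inputs for illustration (not from a real server).
SAMPLE_MY_CNF = """\
[mysqld]
user = root
datadir = /var/lib/mysql
secure-file-priv = ""
"""
# Rows as returned by: SELECT User, Host, File_priv FROM mysql.user;
SAMPLE_ACCOUNTS = [
    ("root", "localhost", "Y"),
    ("webapp", "localhost", "Y"),
    ("reports", "10.0.0.%", "N"),
]

def mysqld_options(text):
    """Return the [mysqld] options of a my.cnf-style file as a dict."""
    cp = configparser.ConfigParser(allow_no_value=True, strict=False,
                                   interpolation=None)
    cp.read_string(text)  # note: !include directives are not followed
    if not cp.has_section("mysqld"):
        return {}
    # MySQL accepts '-' and '_' interchangeably in option names.
    return {k.replace("-", "_"): (v or "").strip().strip("\"'")
            for k, v in cp.items("mysqld")}

def audit_mysql(cnf_text, accounts):
    """Flag a root-run server, FILE grants, and the combination of both."""
    opts = mysqld_options(cnf_text)
    findings = []
    runs_as_root = opts.get("user") in ("root", "0")
    # MySQL's own root account is expected to hold FILE; report the others.
    file_users = [f"{u}@{h}" for u, h, priv in accounts
                  if priv == "Y" and u != "root"]
    if runs_as_root:
        findings.append("mysqld is configured to run as UNIX root")
    if file_users:
        findings.append("FILE privilege granted to: " + ", ".join(file_users))
    if runs_as_root and file_users:
        findings.append("HIGH: these accounts can create files as root")
    # An explicitly empty secure_file_priv leaves FILE operations unconfined.
    if opts.get("secure_file_priv", None) == "":
        findings.append("secure_file_priv is empty: FILE reads/writes "
                        "are not confined to one directory")
    return findings
```
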
4. PHP Configuration
Once you know what the major threats to your organization are, you can take measures to protect your website. Most cyber-attacks are aided by weak database configurations and file uploads. These should be among the first things you make hacker-proof. A VPS hosting solution should provide you with a secure PHP configuration.
To find out if your PHP is configured securely, run a PHP configuration test to check the state of the php.ini file. You can also enhance the security of your PHP configurations by reducing loadable PHP modules, restricting information leaks, and by exploring built-in modules.
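A minimal version of such a php.ini check, written as an added example rather than code from the original article: it flags information-leak and upload settings and lists the extensions the file loads so they can be reviewed. The sample file is constructed, the function names are hypothetical, and the defaults used for missing directives are PHP's built-in ones.

```python
# Constructed php.ini fragment for illustration (not from a real server).
SAMPLE_PHP_INI = """\
[PHP]
expose_php = On          ; adds an X-Powered-By header with the PHP version
display_errors = On
allow_url_include = Off
file_uploads = On
extension=curl
extension=mysqli
;extension=ftp
"""

# directive -> (PHP built-in default, why it should be Off in production)
CHECKS = {
    "expose_php": ("1", "leaks the PHP version in response headers"),
    "display_errors": ("1", "shows error details and paths to visitors"),
    "allow_url_include": ("0", "lets include() load code from remote URLs"),
    "file_uploads": ("1", "turn off if the site does not accept uploads"),
}

def parse_ini(text):
    """Return (directive, value) pairs in file order; names are case-sensitive."""
    pairs = []
    for line in text.splitlines():
        # Simplification: treats every ';' as a comment start, even in quotes.
        line = line.split(";", 1)[0].strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        pairs.append((key.strip(), value.strip().strip('"')))
    return pairs

def is_on(value):
    # display_errors also accepts stdout/stderr, which both mean "enabled".
    return value.strip().lower() in {"1", "on", "true", "yes", "stdout", "stderr"}

def audit_php_ini(text):
    """Return (findings, loaded_extensions) for the given php.ini text."""
    pairs = parse_ini(text)
    settings = dict(pairs)  # a later line overrides an earlier one
    findings = [f"{name}: {reason}"
                for name, (default, reason) in CHECKS.items()
                if is_on(settings.get(name, default))]
    extensions = [v for k, v in pairs if k in ("extension", "zend_extension")]
    return findings, extensions
```

The check reads the file only; values set elsewhere (per-directory overrides or at runtime) are not seen, so compare the result with what the running PHP reports.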
5. Backups and Restore Points
Backup and restore points are critical components in any VPS hosting service. As much as you can take measures to protect your systems from a security breach, you cannot guarantee your records will not be exposed. When your records are compromised, you need a fallback system to recover your data.
A VPS hosting company should have a backup policy with backup schedules. You need to know how often they back up your data and whether the support staff will help you restore your site using backup files. You need to determine whether your host only allows the use of the most recent backup or whether they can allow you to access much older backups should you need to go back in time.
6. Network Monitoring
Establish whether your VPS host monitors the network for unusual activity and intrusions. In most cases, stringent monitoring can stop the spread of malware from server to server before it can get to the server on which your site is hosted.
7. Scanning and Purging of Malware and Viruses
Your VPS host should have endpoint protection software for scanning and purging viruses and malware from your server. Find out which protective measures they perform and which ones are your responsibility. Do they scan files in your account, and are there reports to prove this? Do they help with malware or virus removal in case your account is compromised? These are important essentials of a good VPS host.
8. High Uptime Guarantee
An ideal hosting company should guarantee at least 99.9% uptime. They should use redundant hardware to avoid potential downtime during hardware failures. Make sure firewalls are configured to run in pairs. This way, in case one fails, the other one picks up the full load. This works for servers as well; when one fails, the redundant one should pick up the load to minimize downtime, if any.
9. Managed Hosting
The best way to increase the security and functionality of your website is to go for managed hosting. In this case, your host manages the hosting hardware while you manage your website and software. The burden of ensuring your server security rests on the shoulders of your hosting company. Managed VPS hosting is, therefore, the most hassle-free, secure web hosting you can get.