SaaSy Web Savvy
Website Security Solutions
How secure is your site? Website security is notoriously overlooked by web designers and small business owners. It is an additional expense, and not very well understood. However, protecting your site and your site's visitors is essential for the security, reputation and longevity of your business and your customer's data.SaaSy Web Savvy is a new Website Security Solutions service offered by SaaSy Tech Savvy to support micro and small businesses to enhance their site security and uptime with ease and without doing too much damage to that bottom line. Taking steps now to review your site's configurations and settings will improve your security posture and keep your site running smoothly. This can save you a lot in the long run.Whether you are well-established, brand new, or creating a side-hustle, there are plenty of options available for you.
Let's work together to enhance the security of your site before it's too late.Be SaaSy. Be Savvy. Be Safe.
Website Health Check
Have an existing website? Check your website's DNS health status and security rating now.These free tools will give you an initial overview of your DNS health and security status. Simply enter your website address (example.com) into each of these scanning tools and then review the reports.You might be surprised at what you find.
| Name | Scan | Link |
|---|---|---|
| DNS Inspect | DNS and Email records and errors | https://dnsinspect.com |
| Dmarcian | Confirm DMARC status | https://dmarcian.com |
| SSL Shopper | Check SSL/TLS and troubleshooting | https://sslshopper.com/ssl-checker.html |
| MX Toolbox | All of the above and more | https://mxtoolbox.com |
| Security Headers | Security header check and security rating | https://securityheaders.com |
01.
SSL/TLS
Hackers and scammers love to target small businesses because they are easy prey. Attacking a website or web application is easier than you think, and small businesses are often vulnerable to these attacks. Having an SSL/TLS certificate for your site is not going to protect you from all these attacks, but it will help reduce some of the risks and provides encryption for the data flowing between your website visitors to your web server, if it is set up correctly.Many domain registrars and web hosts require website owners to opt-in for SSL at an additional cost, meaning that not all website owners have automatic SSL protection, or only partial SSL protection. Having full SSL/TLS protection is vital for every business site or app that collects contact information and other data from visitors, offers bookings, payments, mailing lists and other data transfers.
02.
DNS Configurations
DNS configurations can be tricky and are often overlooked once a website or web application has gone live. Configuring your DNS correctly and adding additional DNS settings will help keep your site running smoothly and also provides additional protection for your site and business email.Companies like Google and Microsoft have begun implementing stricter rules around email configurations in an effort to reduce spam, spoofing and phishing attacks. If your DNS is not set up correctly then you may find your emails will no longer be delivered to your customers, or at the very least will end up in their spam folders. Likewise, incorrect configurations can also increase the risk of other parties spoofing your domain and sending out emails that appear to be from your business. This is a common way for bad actors to gain access to your customers and even gain access into your own systems.
03.
Security Headers, WAF and HTTPS
Configuring your domain and site to only use secure pathways and to reject visitors and data that may be damaging or malicious is an ongoing battle. Web browsers and web server host providers do include some protections by default, however the responsibility is on domain owners and administrators to set up many of these enhanced security settings themselves.Newer security headers like Referrer-Policy and Permissions-Policy will need to be configured by the website administrator. Older headers may no longer be respected by web browsers leading to reduced protections. Customers may also not be up to date with their own internet and web security, which can leave them more vulnerable and also increase the risk to your business.Web Application Firewall (WAF) can add enhanced protection and reduce your risk by selectively electing which visitors can access your site and what data can be transferred between your site and the client's browser. This can protect you from bots, AI, crawlers and hackers.By keeping all of your configurations and settings up to date and utilising a good WAF can protect your business and customers from the more common web security vulnerabilities as identified by OWASP.Content-Security-Policy is a complicated area and incorrect configurations can break your site or app. Please consult a cybersecurity professional or web developer with experience in this area if you require a full Content-Security-Policy for your site or app.
SaaSy Web Savvy
Services
If your business does not have access to a website administrator or IT professional to manage your configurations and settings, or you lack the time to do it yourself, then look no further. SaaSy Web Savvy can help.
Consultations to identify business requirements
Security assessments and vulnerability scanning
Recommendations for hardening website security
Connect your domain to Cloudflare for powerful domain management, CDN, and enhanced security features
Guidance and/or support for setting up domain configurations and settings (excludes in-depth CSP)
Adding additional security enhancements to your site (e.g. reCAPTCHA or Turnstile)
Review of SaaS applications and services (e.g. G Suite, iCloud, Microsoft 365, Slack, Site Lock etc)
Explore additional measures specific to your business
SAASY WEB SAVVY
Get in touch!
Have a question or want to book a consultation?
Fill in the contact form below.
You can also specify your preferred contact method in your message.This is a neurodiverse affirming and disability friendly business. Please feel free to include any additional requests or requirements that will make our interactions more comfortable for you.SaaSy Web Savvy is a service offering from SaaSy Tech Savvy.
Support STS!
Follow @saasytechsavvy
© 2024. SAASY TECH SAVVY. All rights reserved.
ABN 95 214 597 925