BEST SECURITY PRACTICES
Using a strong password is important in protecting your accounts. We recommend updating your password quarterly and using a computer-generated password. Click here for a link to one we use often.
You must not share any passwords over email; instead, use an encrypted message or a service like dead-drop.me. Or, you can create a new Google doc with the password information and share the link with the recipient. Once the recipient has the information, delete the document.
Your website hosted on WordPress offers 5 tiers of user access including, administrators, editors, authors, contributors, and subscribers. We recommend that few have administrative access to reduce the chances of a hacked user account. We also recommend that these added users are reviewed regularly to determine who still needs to have access to the website.
After a form has completed its purpose, please download all data from the entries before deleting the form. The contact form should be removed from the site after the intended use to reduce the risk of spam and hacking attempts.
When you collect any data the privacy of those entries falls into your responsibility, if there is personally identifiable information, HIPAA violations, or entries from persons underage the requirements of data are unique. Please reach out to us to review your individual data handling obligations.
We have added WordFence Security to all of the sites that we manage. WordFence provides a level of security that does a multitude of things. WordFence Security checks for spam, blocks any attempt to access the site, scans for Malware on the site, alerts us with vulnerabilities through plugins, checks for password strength, and alerts us with any attempts of file changes.
We recommend that after any employees leave the company you change the passwords to their email addresses, and access to WordPress, Google Drive, and any other accounts that may need to have restrictive access.
Two Factor Authentication
We now require all Admin users on WordPress to activate Two Factor Authentication. 2FA essentially reduces the risk when it comes to compromised passwords. It provides a layer of protection as hackers try to forge their way into your site. We also recommend adding 2FA to all social media platforms, e-commerce platforms, and other services where it is an option.