75% of websites contain vulnerabilities according to symantec
Why just a few think about the security of clients websites?
If you develop websites, design blogs or e-commerce for a client, you have clear the important issues. However, interestingly, we will all agree that not often website security, malware removal or cleaning up process are not mentioned. Usually we discuss about:
- When: always, the first. And almost without talking about what. Sooner. It is true that here is an important point is that the sooner they see results before we can adjust things to how they want customers. So I’d better remember many.
- What: the project can be a web, a web and maintenance or a web, positioning and maintenance, an e-commerce, a blog. Even if you completely develop a web and mobile app for the client. It is fundamental to delimit and talk about what, although this just is the most important and the most ethereal. What determines when. And things like what your client’s goals are, strategies to get it, your business values, blog, e-commerce are fundamental to doing things in a consistent way.
- The how (and where): maybe there are clients who want to know if you are going to use WordPress, Joomla, Prestashop or Drupal. If you will send them deliveries every week, or every month. The how is very important as it directly impacts on the outcome of the project and it determines when will the site be really published and working.
However in very few projects we talk about security. Aha. Nobody thinks about the malware, nor does anyone imagine that someone can hack their site, blog or e-commerce. And the key questions are will the client understand the need of a security maintenance? Who is responsible for reviewing malware? And updating themes or plugins? And backups? What is the protocol and policy of changing passwords?
When to talk about the security of the web, blog or e-commerce of your clients
It would be important to talk about safety from the beginning. Not only when you’ve finished the project and someone says: and if it ever fails, what happens?
There are many reasons why a website can ‘fail’. Obviously depends on the scope of the project, but nowadays everyone wants to have no downtime and a good brand reputation. From a professional blog (even personal) to an e-commerce.
That’s why, if you are clear from the beginning of your client’s website security maintenance plan and tools, you can earn both time and money. Even if they are the ones in charge of website security maintenance, teaching them about the options they have for doing that continuous analysis can be a great idea. And implementing a continuous and periodic security maintenance is basic in the health of an online business.
If you prefer to make it reactively, after attack, there are free tools that can help you to diagnose if your client’s site, Joomla or WordPress has been hacked. But, we highly recommend to be proactive in website malware analysis and removal. Try to discuss with your client from the beginning the impact that can cause on his or her website, brand or positioning not caring about security. The client will understand the importance of this point and the money that you both can save.