Should You Outsource Security of Your Website?

From

editione1.0.0

Updated October 9, 2023
Now Available
Security for Everyone

While this chapter will go through the steps to take to elevate your website higher up that internet fruit tree, let’s be honest—not all of us are website fanciers or connoisseurs. While it wouldn’t be worth it to outsource management of your email, outsourcing websites are a different story.

A service provider who looks after your website’s security is often responsible for:

  • Picking and managing the hosting providers and software you need for running a website.

  • Keeping your website and any software and plugins you use up to date and configured securely.

  • Setting up your HTTPS certificate to make sure all the traffic on your website is secured.

  • Managing access to your website and other website accounts, including remote access.

  • Configuring backups and other configurations that impact your website’s availability and speed.

These service providers can take many shapes and sizes, just like any other outsourced service or consultancy. Some service providers may only support specific website platforms, such as WordPress. Often the same companies that will sell you your domain or a website hosting subscription will bundle in a managed website service for an additional cost.

If you can budget for this, great! But just like you might vet a nanny before you get them to look after your (human or furry) kids, you need to vet website service providers too. You can start with using this chapter of the book to ask them questions and make sure they are doing the right (secure) things.

danger Ask contractors who work on your website how they manage software updates, require them to use 2FA, and require them to use safe remote access technology to access your website server. Don’t assume that they will do so automatically.

The cost for these types of services will vary. What we can recommend is using this chapter to understand the work that needs to be done. You are smart, and with time can learn how to secure your website on your own. But time is money, and your time could be better spent doing other things in the business. It is a balance that you will have to find, and decide on.

Step 1: Use Secure Web Hosting Providers and Software

Once you have a domain and a website, it is time to do a stocktake and see if it is safe enough to use, or if it is time for an upgrade. There are a few different providers involved in hosting a website, even if some are not very obvious to you or others. These include:

  • The domain registrar, which is the service provider who you purchase and manage your domain name through.

  • The DNS hosting provider, which is the service provider where you configure different technical settings related to your domain name (like your TXT records for SPF/DKIM) and the records for tying your domain name to your website (IP address). Your DNS hosting provider and domain registrar may be the same company.

  • You’re reading a preview of an online book. Buy it now for lifetime access to expert knowledge, including future updates.
If you found this post worthwhile, please share!