The Cheeky Monkey Media Blog

A few words from the apes, monkeys, and various primates that make up the Cheeky Monkey Super Squad.

Site Security banner

There’s a famous line from the movie Field of Dreams that you’ve probably heard before. “If you build it, they will come.” You know as well as us that it takes a lot more than just merely being online to attract customers, drive business, and grow sales. As excellent as it sounded in the movie, there’s only one group of people that are guaranteed to come. That group are the hackers, spammers, and all the other all-around bad-dudes of the Internet.

secretsafe gifKeep it secret. Keep it safe. Your data, that is.

Nowadays, most companies are collecting at least a little bit of information from users or customers. At some level or another, you’re probably already doing this on your site! Sometimes this data is pretty innocent, like a cannabis site that asks if you’re over 21 or not. Another example could be video content that’s locked based on the viewer’s location (I’m looking at you, BBC! Canada’s a friggin’ commonwealth country, c’mon! Just lemme watch Dr. Who clips on YouTube!).

On the other hand, if you’re doing something like selling insurance services, you might be getting full names, addresses, credit card details, and even social insurance numbers from your users. That’s more than enough to steal entire identities or at minimum, cause a severe scandal for your company. It’s paramount that you take steps to keep your site, your data, and your customer’s data safe and secure.

Now, I’m not trying to scare you with this bit, but even when you think your site is safe and secure, there are times it might as well have a giant flashing neon sign saying “HACK ME” all over it. If they notice a single tiny crack in your website security, it could be game over for you.

Let’s hold up for a minute though and get a bit metaphorical. Let’s look at site security through a different lens.

The Death Star imageA long time ago in a galaxy far, far away…

The Death Star, as it was commonly called, was a gigantic spherical space station with a diameter of 160 km constructed over two decades. The goal of the station was to provide safety for citizens, promote interplanetary peace, and minimize malfeasance. At least that’s what the official Imperial documents say. (Wow, who could have seen the Star Wars connection coming in a blog post by K2? So surprising!)

The designers of the DS-1 “Death Star” orbital battle station equipped it with the most advanced systems seen in the galaxy. Top-of-the-line turbo-lasers, laser cannons, and ion cannons provided firepower. A class 4 hyperdrive let it move around the galaxy quickly. The armor? Don’t even get me started. The outer layer of the Death Star was some of the strongest durasteel ever seen in history. Add to that the complement of TIE fighters numbering in the tens of thousands stored in hangars around the equatorial trench, and the Death Star may as well be totally impenetrable.

With over 1,000,000 crew members on board the Death Star certainly wasn’t understaffed or undermaintained. When an issue arose, it was diagnosed, dealt with, and done.  There were crews constantly monitoring every system on board to make sure everything was running smoothly. Regular TIE fighter patrols around the station ensured that any incoming assault would be noticed and dealt with instantly.

What I’m getting at here is that nobody in their right mind would ever think that the Death Star was capable of being attacked, let alone damaged. Destroying the Death Star? That’s just unthinkable.

 

Death Star graphic

 

Yet, that’s precisely what happened. A small unprotected thermal exhaust port went unnoticed, even with all of the staff, maintenance, and diagnostics continually going on. With a pair of proton torpedos, Luke Skywalker destroyed the single most powerful, expensive, and protected piece of government property ever.

So why am I harping on about the apparent invulnerability of the Death Star since we all know that it just gets blown up at the end of the movie? (Spoilers!)

Because you might feel the same way about your website. You’ve installed a Drupal module or WordPress plugin to eliminate spam. Everyone in the office has anti-virus, and your passwords are super secure. So what could possibly go wrong?

Okay, I feel like I have to clear something up really quickly. I’m not saying that your company is like the Empire or anything like that, I’m just drawing some parallels to what I know. You’re not evil, you’re the opposite of it! Also, you’re super cool and look fantastic today. Is that a new haircut? Okay, cool. Let’s continue.

Despite your best efforts, your site probably has some unprotected and unnoticed thermal exhaust ports. Modern content management systems like Drupal and WordPress make it easy to keep your site running, but that’s not all it takes.

Trench Run gif

So what can you do?

With a proper maintenance plan and the technicians in place to execute, you can board your exhaust ports up and stop worrying about a small one-man fighter destroying your orbital battle station. This means staying on top of all of your updates. It means keeping current with security news. It means that every module/plugin on your site needs to be compatible with one another. It means performing updates as soon as possible after they’re released. It means building your forms properly to protect against SQL injection attacks. It means finding every little thermal exhaust port on your site and making sure you’ve blocked them up.

Basically, it’s a lot of hard, time-consuming work.

If you’ve paid attention to the headlines in the last couple of years, you might remember a few of the following high-profile cybersecurity attacks. Some of these are large companies that you’d expect to be much more secure than they apparently are (or were at the time of their hack). In each of these attacks, thousands and thousands of people’s personal data were compromised and either leaked online or sold to third-party malicious actors. Don’t just take our word for it, check out this page that breaks down the 18 most significant data breaches since the invention of the net.

Right now, you might be thinking, “I can’t. It’s too big,” just like Luke Skywalker said when he tried to lift his X-wing from the swamps of Dagobah. We’re here to tell you that it’s not. It can be done! You just need us to do a little monkey business to help lift your site to safety.

Now look, we’re not here to be your Jedi Master Yoda and train you to become an expert code guru, hacker-destroying, cyber Jedi badass. If we’re being honest, we know you probably don’t have the time, let alone the desire, to learn the tools and languages to become your website’s version of the Terminator.

That’s where we come in.

Our team of Monkey Jedis has the know-how and ability to take care of it for you. We can identify, diagnose, and repair all of your vulnerable exhaust ports. By performing site audits, code reviews, and several other secret tricks we’ve got up our sleeve, we can ensure your site is secure, safe, and up to date so that you don’t have to worry about it.

Get in touch with us today so we can help you help your site. Whether you decide to have us perform a website audit, a full website rebuild, or if you purchase one of our ongoing maintenance packages, Cheeky Monkey Media will help you strengthen your shield deflectors and block off those pesky thermal exhaust ports.

And as always, May the Force be with You.

 

Posted in General