websecurityHas your website ever been hacked? Have you ever wondered if your website could be compromised?

The real question regarding website security is not IF you have been hacked, it is WHEN!

There is not any such thing as a hack-proof website or server. In fact you can be hacked right now and not even realize it. Normally when a website gets hacked, it is by mere “Kiddie Hackers” using publicly available scripts that automatically look for no security vulnerabilities with your server or website files. If they are successful they might deface your site, put up a splash screen with some funky techno music, and at the most delete some files off the server.

Now the real threat is the hard core guys that are looking for sites that they can data mine, access your databases, get personal information and bring your business to its knees making life very hard for you. These are the types of people that when they hack your site, you would never know it. These types of people plan what they call payloads on your server that run behind the scenes without your knowledge.

So how do you prevent this? Well the first step is to get a free security audit by Contacting Us.

Integrated Technology and Design Inc has many security methods available to us for fending off intruders. Our software solutions can protect at the individual website level as well as an entire server. If you think your server is secure, that may be true but keep in mind that hosting companies only have THEIR best interest at heart to protect their own servers from being hacked. This does NOT mean that your website and database are safe. Hosting companies only provide just enough security software to protect their own servers.

And if you trust that your hosting company is backing up your website files and database every day, you are going to be in for a huge surprise when you try to restore your website after it’s been hacked. Integrated Technology and Design Inc also offers website backup services that can keep your website from ever being deleted without the chance of recovery.

Statistics have shown that most websites are exposed to at least one major vulnerability 9-12 months of the year.

The following statistics were taken from the website WhitehatSec.com and show the real numbers of the average website vulnerabilities.

Top 3 Key Findings

  • Most websites were exposed to at least one serious* vulnerability every day of 2010, or nearly so (9-12 months of the year). Only 16% of websites were vulnerable less than 30 days of the year overall.
  • During 2010, the average website had 230 serious* vulnerabilities.
  • In 2010, 64% of websites had at least one Information Leakage vulnerability, which overtook Cross-Site Scripting as the most prevalent vulnerability by a few tenths of a percent.

stats winter11 ataglance

Figure 1. 2010 at a Glance – Sorted by Industry
The average number of serious* vulnerabilities per website, the percentage of reported vulnerabilities that have been resolved (Remediation Rate), and average the website is exposed to at least one serious vulnerability (Window of Exposure).

* Serious Vulnerabilities: Those vulnerabilities with a HIGH, CRITICAL, or URGENT severity as defined by PCI-DSS naming conventions. Exploitation could lead to breach or data loss.

If your website has been compromized or you are just wanting to have a precautionary analysis done then please contact ITD for a free inspection