What you need to know…

Why security?

Well.. there are a lot of websites out there that aren’t secure, or up-to-date, and simply, they get hacked and their client data is leaked all over the web.  Hence we thought, this is something we know and are good at, so on top of our current skills we just decided, hey let’s do cyber security for WordPress websites.

Digital technology continues to transform and disrupt the world of business, exposing organisations to both opportunities and threats. So it’s hardly surprising that cybercrime continues to escalate – ranking as this year’s second most reported economic crime.

Are you guys hackers?

We like to say that we are as good as some super smart awesome black-hat hackers out there, but the fact of the matter is, we are a bunch of IT guys, nerds as some would say who come from various backgrounds, including, web design, web development, information security, penetration testing, physical security, electronic surveillance, well you get the drift.  We try and breach our own security every day, like for instance when someone is AFK, we login onto their Facebook page and post funny photos of upside down kittens (P.S. no kittens were harmed!).

So are your websites hack-proof?

I wouldn’t say hack proof, if it’s online, I’m sorry to say it can be hacked.   We reduce the risk to an acceptable level your business can take.  Normally when an attack occurs we have measures in place to ensure we can counter the attack and get your business up and running with minimal downtime.  If Hillary Clinton and the NSA with their billion dollar budgets and thousands of cyber security experts can’t defend themselves against hackers, c’mon give us a break.

Have you guys ever been hacked?

Unfortunately, Yes.  In the past when we started out, WordPress (about 8 years ago) had several vulnerabilities that allowed hackers to penetrate our network.  They left funny little messages, like “hey we hacked you, make sure your website is secure”.  So yes, we learnt our lesson.  Several things we did find though that were interesting:

  • How some hosting providers had weak security that allowed for the hack to occur,
  • How fast it was to recover from a hack to restore the website back to pre-hacked state, and
  • How to secure WordPress websites so the hack didn’t occur again.

Since then we haven’t really had had any websites compromised (hopefully).  So the level of skill of the hacker at the time must have been a Script Kiddie, and there we some serious vulnerabilities in the systems we had in place.

So what’s the difference now?

We have tonnes more experience now, we host websites on our own servers, which we control, and they are hosted right here in Australia.  Everyone who has a website with us must purchase security certificates known as SSL to be a client, which we also provide.

We have backups, backups, backups in place.  So a steel mountain like scenario would be very very unlikely to occur, unless the hackers somehow simultaneously targeted all our backup facilities, destroyed all our servers and destroyed the website server.   In that event well your website must have done something that deserved that kind of attention.

Why SSL?

SSL abbreviated for Secure Socket Layer, provides a secure protection between a computer and the website’s server.  So any information transmitted across to the website is encrypted and reduces the chance of packet sniffing and man-in-the-middle attacks.  Plus the added bonus is that sites with SSL encryption are ranked higher on google search index.   You will notice with sites such as your banking website will have a https:// with a green lock next to it, indicating that the connection is secure.

Can I not have my website with SSL to get cheaper hosting?

In short No.  There are many other awesome companies out their that offer cheaper hosting options.   We simply see that since we are cyber security firm, we cannot lower the security of any website that is hosted on our servers.  Simply allowing even just one person to have a no security on their hosting plan could compromise the security of others who have paid for it.  Simply we charge more to provide security for your website.

Why WordPress?

Some of the elite among the web community would like to say stay away from WordPress.  It’s rubbish, it’s not secure, it’s open source, etc.  the list goes on.  We like WordPress, because it is free and open source (no, no, you still have to pay us to put the site together,  I like where your head was at, but hey we still need to feed the cat and budgie and the occasional breakfast at McDonalds).  It is very search engine friendly and yes 74,652,825 million sites out there depend on WordPress, so suffice to say that your cousin Fat Tony who programmed his own CMS and says he’ll charge you an arm and leg for it as well, just doesn’t cut it for us.

But, some projects are not suitable for WordPress.

Yes, true.  Hence we have a small team who are focused on custom websites, custom apps etc.

While this area is not our focus area, just throw something our way and if we can handle it we’ll let you know.

Are you affiliated with IBM or the Australian Bureau of Statistics?

NO! Next questions.