Below are a number of simple things that Foregenix recommend be performed on a regular basis in order to help mitigate breaches:
2. Implement a password policy that covers the following:
You can also check - and monitor - your website security status using our free ThreatView Community service:
While a number of the recommendations made above may sound simple, they can be very effective in helping prevent an attack on the website. One of the sayings I tend to refer to when speaking to impacted customers is “you don’t have to outrun the bull, you simply need to outrun the person next to you”. It may sound horrible, but when you look at the statistics, attackers simply target those websites that are susceptible to known vulnerabilities rather than trying to exploit the unknown. A lot of the time, attackers will simply monitor the patch notes and security bulletins for frameworks like Magento or WordPress, then scan the Internet for websites with those vulnerabilities and, once detected, exploit them. By implementing a simple update policy that ensures critical security patches are applied within a month, you could be making the difference between your website being targeted or being left alone.
If you think you might have fallen victim to a breach, do not hesitate to contact us here at Foregenix.