The Problem: Inexperience Puts Company at Risk
The client company offers cloud-based software and service to its customers. But when it came to their own website, which was built in Concrete 5, there was much room for improvement. They worked with a design firm and a website developer, who had little website cybersecurity knowledge. The developer copied and pasted open source code from GitHub, providing an opening for hackers. If it’s open source code, a knowledgeable hacker can find, use, and potentially exploit it.
Other problems with their website, listed below, were an opening for a breach.
- Outdated PHP
- Outdated server configuration
- Modules required by the web platform that are not in use or updated
- Lack of manual monitoring
- Unsecured open port on the Server
- Server was out of date
- Poor website hosting
- Hosting subdomain on a completely separate server and hosting system, then the domain. Opened another door, which created another server connection that could be compromised.
And of course, the hack occurred.
Hackers accessed the site using a remote server on a mobile Apple device. The result was a mess that cost the company many sleepless nights, as their customers may have been exposed as well.
The Solution: Extensive Website Cleanup, Security Review, and Training
Dashboard Interactive’s cybersecurity expert recommend several steps to rectify the situation. First, we identified the intrusions and then completed a thorough cleanup of the compromised code on the site. We then rebuilt the website database, making sure it used the most current security protocols possible.
Lastly, we provided extensive consulting services for key members of the IT department. This ensured that they were knowledgeable about the issues that lead to the breach, and also helped them learn what to look for in the future.
Between the clean code, refreshed website, and consulting help, the Cloud-Based Software Company was well on their way to a secure, safe website.
Outdated plugins and codes are a signal to potential hackers that your site is vulnerable. It’s like leaving your car doors unlocked or sharing that you just bought an expensive stereo system for your house – you’re advertising your vulnerabilities. Close the gaps, protect your business, and make sure that the security protecting your website is strong.
Let’s talk about website cybersecurity. Call us today at 763-242-2454.