If you develop websites or apps, either for your own business or for clients, keeping the systems safe, stable and scalable has to be a constant priority.
Gov.uk highlights the eyewatering costs that typically go hand-in-hand with a data breach – on average, that’s £1.46 million ($1.92 billion at the time of writing). Even for SMEs, the cost of breaches can reach £310,800 (approx. $400,000). Furthermore, companies presiding over unreliable and unstable systems aren’t easily forgiven by their customers, who often vent their frustrations online and quickly fill Google’s search results with negative brand associations.
So how should you ensure you don’t join the growing list of brands associated with poor online security or flaky electronic systems? As with so many things, the steps you should take are simple, yet often ignored by many. Here are a few key pointers:
1. Enforce strong password management
The need for strong (and regularly changed) passwords should be recognized and embedded throughout the IT industry by now – but it’s not.
Early in 2017, The Telegraph revealed that “123456” remains the most common password in use across the world. It beggars belief that despite a constant flow of headline-grabbing data breaches, people still insist on ignoring advice on password security. These people are making life far too easy for cyber criminals.
It’s therefore down to you to enforce sensible password management and give users no option but to use suitably complex passwords and change them regularly. These processes should be in place both for end users and internal staff – because it’s not only end users who can take a lazy approach to passwords.
2. Manage peaks in traffic
One thing you really don’t want to see happen is a system grinding to a halt due to a jump in popularity, or a site crashing due to a surge of traffic. Unfortunately, this can and does happen when developers fail to plan for sufficient capacity to handle heavy server loads.
The answer is to implement a load balancer to ensure that traffic is always properly routed and handled by your available infrastructure. (Obviously, the infrastructure itself needs to be adequately provisioned also!)
Load balancers can perform numerous functions, such as distributing traffic across multiple servers, detecting troublesome equipment and providing “at-a-glance” reporting on resource usage. Needless to say, it’s best to implement them before any anticipated rise in traffic to your site or app.
3. Stick to strict maintenance schedules
Few things irritate users more than unexpected system availability. However, it’s essential to plan in system maintenance so that your infrastructure can be kept patched and up to date.
There will always be times when it’s necessary to quickly apply a patch, and at those times it will become necessary to prioritize security over user convenience. However, for all the rest of the time, it makes sense to define a schedule that strikes the right compromise between consistent system availability and adequate time to keep all systems and related plugins secure.
As we said at the start, these steps are simple – and far from rocket science. However, plenty of companies neglect them and make basic errors. All you have to do is make sure you don’t become one of them.