SherWeb

Web hosting provides a great deal of benefits for website owners looking for an affordable, easy way to maintain their website. But less technical users are more apt to make the mistake of looking for a web hosting provider without knowing what to look for to keep their site secure, or even if the hosting provider in question is reputable.

It is vitally important to make sure that your hosting provider offers security features and damage control options that are right for your needs. For instance, if you use collaboration software such as SharePoint 2010 you can feel confident about its powerful security architecture but- you have to make sure that your hosting provider deploys the software securely.

When it comes to hosting security, one of the biggest threats to watch for is an SQL server that you cannot manage directly. Many web hosting companies will not allow users to directly manage database permissions and this runs the risk of another user configuring a web facing application incorrectly and leaving a vulnerability open that may get your data compromised.

Another very common risk is improperly configured VPS software. There could be as many as 50 virtual machines on a single physical server, and if the software managing these servers is not configured properly it could leave all of the machines vulnerable without the user themselves doing anything wrong.

However even the best security and prevention measures cannot protect your data from problems such as natural disasters, application errors, and the occasional zero day vulnerability. In these situations prevention and mitigation are necessary to protect and restore your data in the event of a loss.

Solutions

One of the simplest, and most overlooked security steps that can be taken is to ensure that there is an encrypted communication method between the user and the server, and between servers. Common and freely available technologies such as secure shell (SSH), secure socket layer (SSL), secure file transfer protocol (SFTP), and secure copy (SCP) ensure that data communications between machines are encrypted in a way that makes it difficult for attackers to obtain the data while it is being transferred.

It is also very important to never store passwords in plain text format, and you need to make sure your hosting provider does not do this.

Finally, the importance of good offsite backups cannot be overstated. If despite all your precautions your data is lost or destroyed, you can mitigate the damage by ensuring that your data can be restored quickly and completely.

Secure hosting providers will generally provide one click offsite backups so that if anything happens, even if the data center housing the data itself is destroyed, your data is secure and can be restored quickly and easily.