Double, double toil and trouble; secure your network or it will turn to rubble… Black Hat may sound like something out of a Shakespearian play but the dark art of hacking into networks to steal top-secret information or inflict computer viruses is a major global issue resulting in a multi-million dollar industry in the quest for impenetrable infrastructures. You may have heard some buzz in the news this week about network security given the annual Black Hat conference in Las Vegas. This popular conference sees an unlikely gathering of leading information security professionals and world-renown hackers. But don’t worry, these seemingly opposing forces are gathering for the greater good to share their knowledge in the fight against security evils.
Given this newsworthy event, this week’s blog will explore how we keep CCMS web sites secure and what steps you can take to ensure your site is safe from hackers and Black Hat SEO tactics.
CCMS Web Security
The CCMS protocol for fortifying our back-end web platform is seamless to our clients. It’s so seamless in fact that there is no need to get into the nitty-gritty, techy details here as it’s an area you don’t need to worry about and is top-secret anyway. What we can tell you is that the WordPress platform powering the CCMS service was selected because it is among the most secure and reliable open source products available. A key aspect of WordPress security is that this product is easy to update and immediately releases new versions to fix security breaches. CCMS keeps on top of these updates and installs the latest, stable version once it becomes available to ensure our network is not at risk. The fact that WordPress is open source (unrestricted access to its code), which sounds like it may make your site more vulnerable to security risks, actually means that it is more secure as it leverages the global online developer community to implement fixes to security breaches faster than more traditional, closed-source applications. So due to the secure nature of CCMS and the behind-the-scenes security measures being taken to safeguard our network, rest-assured that your web data is safe and secure.
Black Hat SEO
In addition to external forces who inflict harm upon unsuspecting web sites, it is also possible to wreak havoc on sites from the inside. In the race to achieve a more favourable web site ranking with search engines, web administrators sometimes use techniques that are considered “unethical”. This practice is known as Black Hat SEO. Tactics such as spamdexing, link farms, and article spinning, which have all been referred to in past blog posts, are techniques to avoid in your web sites as they are all forms of Black Hat SEO. Web sites employing these techniques are penalized by search engines for breaking technical specifications and are also penalized by visitors. Search engines penalize sites by blacklisting them from their SERPs and visitors will be scared off your web site because using such techniques is just plain annoying to the overall visitor experience. Conversely, White Hat SEO which generates traffic to your web site using ethical tactics such as generating linkbacks to your web site, will help save your web site’s soul.
Keep Our Web Sites Secure
You can help keep the Carleton web community secure by following these rules:
- Web site access: You log into the CCMS on a secure server which ensures CCMS clients reliable and secure access to their web site. Only those employees regularly working on your web site should have CCMS access privileges. As part of the CCMS migration process, your department provides CCMS with the names of those who will require access to your web site. Do not request access for any employee who is not designated as a regular web user as it poses a greater security risk. This is another example of where planning your web site needs is extremely important by designating one or two web site administrators.
- Password protection: Do not allow a non-registered user to use your login credentials to access the website. Do not communicate your CUNET login details to anyone, and do not log on someone else’s computer with your credentials to work on the CCMS. Browsers are often set to automatically store data entered into form fields thereby saving your login details for future use. And always remember to fully log out of CCMS when you are done working on your site and lock your desktop (Ctrl-Alt-Delete -> Lock Computer) when leaving your desk for any length of time.
- IE6 security issues: Use Internet browsers such as Firefox, Safari, and Chrome instead of Internet Explorer which is vulnerable to security breaches.
Check out the Carleton Computing and Communication Services web site for more information on protecting our network from those Black Hat no-do-gooders.