Investing in security is like building a fortress to block a castle from outside invaders. The more you take precautions to harden the security of your site, the less likely you are to experience a disastrous breach.
There is no laxity with security either. WordPress.org says it well, “Security is not an absolute, it’s a continuous process and should be managed as such.”
Therefore, when looking to invest in a technology that further protects the digital experience you’ve built, be sure to ask these questions:
Where can I find your security policy?
It’s important to know precisely what the underlying technology stack is so that you know what you’re putting your site on. Also ask for a detailed breakdown of the hosting company’s policies and measures and seek it in written form too.
Can you tell me about your site backup process?
In the unlikely event your site is hacked, will you be able to attain an immediate backup? Determine whether your hosting company offers automatic backups, what they specifically back up, how long it is retained, and where it is stored.
Do you offer Let’s Encrypt?
What used to cost you hundreds to thousands of dollars per year is now a free entity with Let’s Encrypt. Let’s Encrypt is revolutionizing the web by providing free SSL/TLS certificates, which can be attained through many hosting providers.
Since Google Chrome has already started issuing “Not Secure” warnings for pages not secured with SSL, it’s imperative to switch your site over from HTTP to HTTPS.
How can we partner on security?
Let’s face it, security is a responsibility of both parties. It’s important that you do things like use a strong password and not give site admin privileges to just anybody. You’ll definitely want to discuss with your hosting provider what you can do on your end in regards to security best practices you can implement.
Most importantly, you’ll want to look for transparency in your answers. If you ask a hosting company whether or not they’ve suffered a recent attack, look for honesty. It’s not a deal-breaker if a hosting company has been hacked — it can be a winning trait if you determine how the company handled the event and what they did to further prevent malicious behavior.
Remember, security is one of the areas you just can’t afford to cut corners on. While there are many other questions you could ask when browsing for hosting solutions, hopefully these starter questions can help you narrow down the field toward the technology stack and partner best suited to your needs.
About the Author: Darcy Wheeler- Darcy works as a content marketer for WP Engine, a platform built to power amazing digital experiences for websites and applications built on WordPress. You can follow her on Twitter @darewhee.