On 13th June 2017 Google announced the worldwide release of its small business web builder, Website. Accessed through the Google My Business dashboard it offers a simple web-building tool that allows a business to create a single-page website in as little as 5 minutes.
To use the web building tool your business needs to have a verified listing on Google from which all the information already uploaded to your listing will be transferred to your newly created website. This connection between the business listing and website means any future changes to the listing information will be automatically shared to the website.
This product does not offer a replacement for a fully functioning multi-page website but it can offer new start-ups a quick and easy way to get their businesses online and showing in their local search.
This web building tool offers a honed down version of a full-blown website; it has some obvious draw backs such as no social sharing buttons and no ability to add meta descriptions (a tag that summarizes a page’s content, shown in search results) however with the ability to create a mobile-friendly website in minutes it will offer a great stop-gap website for small businesses who want to get their business online quickly.
The tool is free to use if you stick to the default URL, yourbusinessname.business.site, however there is the option to purchase your own domain name. As the tool currently doesn’t offer great opportunity for improving your SEO it would be advisable to at a minimum purchase an individual URL.
We will have to watch how Google My Business Website Builder develops and see if Google roll out other features to improve what’s on offer, particularly regarding SEO, but as a tool for a new start-up this could be a good temporary solution.
To read more visit:
or contact us for to set this up for you
In the current climate it is essential that you have an understanding of the security issues surrounding your website. Discuss security from the offset with your web developer and get them to explain how they will be protecting your site but also what you and all those using the site should be doing on a day to day basis to ensure security is upheld.
Know your hosting company and your server control panel login details
The first step you will need to take if your site does get compromised is to notify your hosting company, whether by you, your developer or a security expert, so do ensure you know these details as you will need to act fast if your website is hacked. A common control panel is cPanel. Whatever it is, make sure you know how to access it.
Discuss with your web developer what back up system will be set up for your website. Keeping a backup may be your easiest and best protection against a security attack, as it will allow you to turn back the clock. While this doesn’t prevent attacks, it does cure them when needed. Find out how frequently your site will be backed up and where those back-ups will be stored.
You should be backing up the files on your website and the website database.
This is normally done by the hosting company.
Most default user names for logging in are “admin” and hackers know this. Ask your developer to set up accounts with custom logins for each user rather than generic ones. Know who is logging in and who has access to your site. It’s also wise to delete accounts as soon as they are no longer needed.
Also you can ask your developer to hide the name of the person who has added a post to your site, as that is also the user name.
Use ‘strong’ passwords. i.e. it should be 12 characters minimum and include numbers, symbols, capital letters, and lower-case letters. Use a mix of different types of characters to make the password harder to crack. Don’t use common substitutions, either — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0. Ensure passwords are changed regularly. Don’t use the same password for more than one site.
You may find it useful to use a password generator or password manager. Password managers, like LastPass or even the in-built Google password manager, mean you can store passwords securely and not have them written down.
Be careful with your error messages
Keep error messages as generic as possible. Whilst you may want to be helpful to users, don’t give away too much information which a hacker can then exploit. For example, when entering a username and password, the error message should be a general error if entered incorrectly. Saying that the password is wrong but the username is right will mean the hacker can focus on that username.
Installing Hyper Text Transfer Protocol Secure (HTTPS)
Does your site need to operate with https? Hyper Text Transfer Protocol Secure is the way data is governed when it passes between the website and the user. It is advisable for sites that collect and transmit personal information to encrypt the data ensuring it remains private as it travels between the server and the user.
“You can make your site secure with HTTPS (Hypertext Transport Protocol Secure), which protects the integrity and confidentiality of your users’ data. For example, when a user enters data into a form on your site in order to subscribe to updates or purchase a product, a secure site protects that user’s personal information and ensures that the user communicates with the authorized owner of the site.” Google
Installing additional security plugins
You should discuss with your web developer what additional security plugins they intend to install. Security plugins can help reduce the risk of your website being hacked offering several features to make your website more secure from known vulnerabilities.
Some examples we use on WordPress:
- Wordfence: offers a firewall which prevents the website from being hacked, it scans the site searching for malware and alerts the webmaster quickly in the event the site is compromised.
- iThemes Security– Away Mode: as most cyber-attacks happen at night this plugin disables access to the WordPress Dashboard for a specific period.
Check your developer has registered your site with Google Search Console, this is a free service offered by Google that helps you monitor and maintain your site’s presence in Google Search results but also lets you easily monitor and resolve security issues, such as hacking and malware. Once your account is set up then make sure you have access to the account log-in details in the event of your site being hacked.
“61% of webmasters who were hacked never received a notification from Google that their site was infected because their sites weren’t verified in Search Console.”
General Security practices for daily users
Keep your website software updated
Hackers use ‘script’ to scour the internet in an attempt to find website security issues in software. To help prevent this you should always make sure that your software version is up to date. Popular Content Management Systems like WordPress are constantly working to patch up security issues so keep a regular eye on your website dashboard which will notify you of the latest updates.
Update third party plugins
Keep third party plugins updated. These are pieces of code added to your site that allow you to alter and add to your site, keeping your plugins at the latest versions will help prevent hackers finding weaknesses in the code.
Keep your passwords safe, don’t share them with anyone. You should also learn how to change your password so you can do this regularly.
If users receive an email asking to confirm their identity or to share sensitive information they need to be 100% confident the sender is legitimate. It’s advisable to never give out confidential information like passwords, credit card numbers, or even your birth date.
Think before you click:
- If you receive a strange or suspicious email containing a link or attachment and you’re uncertain of who it’s from or exactly what it is, do not click on it. A quick call to the person who sent you the email can clarify if it’s legitimate. If you receive something you believe to be a scam email – delete it and remove it from your ‘deleted emails’ folder.
- If you suddenly find that there are files that you can no longer open, or that appear corrupted, or if a warning appears on your screen saying your files are encrypted, turn off your machine and let your IT support provider know immediately so that they can take the correct measures to reduce the security risk.
What to do if your website is compromised?
- Your first action should be to contact your hosting company as they may be able to help you recover your site more quickly
- Get your website taken offline, this will help to prevent any further damage to your search rankings but also prevent any users being infected if malware has been installed.
- Ensure all your user accounts are checked, that there are no unknown users and reset all passwords
- Check to see if you have any out of date software
- Log into the Google Search Console and review the Security Issues to find out the details of the attack.
- Get your site scanned & cleaned of all the hacked content, consider using a security expert who will be able remove tiny scraps of malware and also detect how the hackers gained entry and secure your site.
- Submit a request and review in the Security Issues section in Search Console when your entire website is clean and secure. After Google checks that your site is fixed, they’ll remove the “This site may be hacked” message.
- Google is not going to rank websites which are unsafe so it is best to get it sorted as soon as possible. Once your site is back up and working you should keep a close eye it to make sure you have properly fixed the issue and the hackers cannot regain access to your site.
Red Desk have been working with Islington Schools and have developed this document called "Twitter for Schools" as a one-stop checklist to help you manage your school's Twitter account in a practical manner. Optimise your profile: Your Twitter profile creates a first...read more
If you created your Facebook business page over a year ago, the chances are you haven’t made the most of the options now available to you for enhancing your page so that it better reflects your business and is set up to be visible to your potential clients. All the...read more
Back in December 2016 we posted an article called 3 Ways to Market Small Businesses. Since then we have been thinking about more inventive and alternative ways to market your business. These examples should be used in conjunction with a decent website and social...read more
Red Desk have been members of various networking groups over the years: WIBN, BNI and most recently Athena. We’ve all enjoyed our time with them but the main thing we’ve discovered is that the networking doesn’t stop when you’ve left the group. Once you’ve...read more
April is Stress Awareness month so we thought it time to revisit and update our article on life hacks: tips, tricks, skills adopted to manage your time more efficiently and simplify your world, and essentially reduce stress. Make your office virtual Do you have piles...read more
Red Desk have worked on a number of social media campaigns for events and we’ve found a few common mistakes. Don’t Let Your Social Media Go Dead Firstly if your event is annual, it’s a really bad idea to just let your social media go cold once the event is...read more
Running a small business has its challenges: your day-to-day work, staff, social media etc. One thing that you could do without though is customers not paying on time or even worse, not paying at all. This article is about how to deal with bad debts. Pay up...read more
Are there tools that you go back to time and again? We shared our top three tools of the moment back in June 2016. However, life and work at Red Desk are ever-evolving, and these are our three free tools that we are loving right now! Toggl We don’t know where we...read more
Red Desk support a number of local businesses in the North London area. We have several property clients and would like even more! Budget Management We work with a project manager of residential refurbishments and renovations. With each project we set up a...read more
An associate business of ours recently moved into a new office building with plenty of networking opportunities. We suggested using Twitter lists as a quick way of connecting virtually. However they weren’t sure what Twitter lists were and how they worked. What are...read more