• Have You Fallen Victim To the Dreaded Basement Web Professional?

    Tampa, FL — As an avid supporter of small businesses and freelance professionals, I’ll be the first to admit that there are plenty of qualified and respectable web professionals who also work out of their basements. I am not referring to those rightfully declared web professionals. In fact, I even occasionally work out of such spaces myself.

    Instead, I’m referring to the self-described but blatantly under-qualified “basement professionals”. They can be generally defined as, “hired professionals who overpromise but under-deliver, or who do not provide a working product or service to a paying client.”

    Chances are if you run a business, you’ve had the unpleasant opportunity of working with someone who fits this description in some way.

    This may include people who say things like, “Sure, I can build you a website”, but it takes them three months to launch a half-working website that does nothing to help your business. It doesn’t work, it doesn’t bring in leads, and it doesn’t make you money. It’s just a big waste of time that leaves you with an even bigger hole in your pocket.

    Friends & Family

    This could also include your friends and family members who, no offense, but, have no business attempting to build and manage your online presence. Again, this may not be everyone. It’s important for you to decipher between hiring someone only because they are a friend or family member, versus hiring someone because they’re qualified and have a proven track record.

    Non-Technical Business Owners

    As a business owner, I totally get that it’s in your nature to take things into your own hands. But, it’s also your responsibility to make smart business decisions. So, unless you have a background in building and managing websites, chances are, it would be more productive for you to allow a qualified web professional to handle all your web needs.

    Many business owners also use popular DIY site builders which is not a proper web strategy. You can’t expect to get a bunch of new website leads when it’s built with some drag-and-drop site builder and you put no additional effort into growing your web presence. That’s like expecting your business to become successful without anyone knowing it even exists. I digress.

    Cheap Pricing

    It’s probably also not a good idea to hire a web professional based solely on cheap pricing. Okay, it’s definitely not a good idea. As the old adage goes, you get what you pay for. Unfortunately, if you’re paying under market value for web-based services or products, there’s a good chance that corners will be cut, skills will be missed, and money will be wasted.

    While on the surface, these types of lowballing service providers seem to deliver good products and services, when you take a look under the hood, it gets quite messy. Plus, many times when you hire a cheap web professional, communication is lackluster and developing a strong web strategy is still up to you, the business owner.

    The only way to really fix this is to find and hire web experts who have a track record of delivering great services and products and helping businesses grow their online presence. At Site Assembly, we’ve worked with hundreds of businesses to build and manage their online presences, including designing secure and responsive websites, launching and managing social media strategies, optimizing search engine rankings (SEO), and developing high-converting search engine marketing (SEM) campaigns.

    But, don’t take our word for it. You can try us out for yourself, risk-free for 14 days. By then, you’ll never want to go back to another under-qualified, sometimes sketchy, basement professional. We’ll even help you navigate the break up if you need us to. Don’t worry, we don’t rustle feathers. Jeez, we’re all professionals here. 😉

  • Is WordPress Really Insecure? Answer: No

    Recently, I sat down with a potential client to discuss future plans for their new website. I went through my presentation discussing what we do and how we can help them get the website they envisioned. After learning about their needs, I recommended using WordPress for easier scalability and greater flexibility. The first thing they asked after I had mentioned WordPress was, “but, isn’t WordPress insecure?”

    While it’s true that WordPress has gotten a bad wrap for being “insecure”, that connotation is simply inviable. It’s like blaming the chicken for the egg’s poor decision-making. However, after hearing this concern from more than one of our clients, I realized that this was a more widespread misconception than I had previously thought. So, as any reasonable person would do, I decided to write a blog about it.

    Look, I realize I’m going to receive some pushback on my statements here, so before I go any further, let’s just clear some things up.

     

    1. WordPress is the most popular content management system (CMS) on the planet.
    2. As with any widely-popular technology, it’s an equally popular target for attack.
    3. Websites using WordPress are only as secure as they are built to be.
    4. The more steps you take to protect your website against attacks, the more secure “WordPress” is.

     

    I mean, even Google Sites are more vulnerable to attacks than websites built on WordPress. But, that doesn’t mean it’s all clear to sail. There are definitely steps you and your website manager must take to ensure your website is safe and secure.

    Alright, enough background music, let’s get to the bread and butter. What can we really do to protect your WordPress website from attacks? I’m so glad you allowed me to ask.

    SSL Certificates

    These days, https encryption is essentially mandatory if you want to rank well in Google Search. It’s also one of the best ways to protect your WordPress website against attacks. At Site Assembly, it’s now a requirement.

    Setting up an SSL certificate requires a bit of expertise. We like to work with globally recognizable security brands such as Comodo and Symantec who offer Site Seals that act as “verification” that your website is protected. Think ADT signs for homes.

    From a technical standpoint, SSL certificates work by encrypting user data collected and shared on your website. This includes back-end administrator data as well as front-end data collection such as user forms and newsletter signups. As long as the certificate is set up correctly, this will be a big improvement in protecting your website.

    Plugin Management

    secure-wordpress-websiteUpdating and managing your plugins are two of the easiest ways to protect your website against attacks. Many times, vulnerabilities found within these plugins are fixed and released for updating. If you’re still using a particular plugin and it has an update available, do it! Be sure to check the update warnings to ensure you won’t lose any data or customization.

    You can access your plugins by clicking on the “Plugins” menu option in your Administrator panel. You’ll find a list of all your installed plugins along with notifications if updates are available. You should also uninstall plugins you’re no longer using.

    Password Secure WordPress Website

    I’m sorry it came down to this, but, it’s still a huge concern. So many people know it’s important to choose a strong password, but not many actually put it into practice. I cannot emphasize this point enough! Choosing a hard-to-guess password is a must these days! There are tools out there to generate strong passwords, and thankfully, we’re even expert password recommenders ourselves.

    Here are a few pointers on choosing a strong password:

    Use sentences combined with special characters instead of single words and numbers. A password such as IknowYouWantTo_but_GoodluckGuessingThis1! is a lot harder to guess programmatically than Password123 or your birthday. Get creative and have some fun with it.

    Use secured password generators. This one’s not as fun as coming up with cool sentences, but it is just as effective in protecting your website from attacks. We’re biased as to which password generator we prefer, so we’ll let you decide. There are plenty to choose from.

    SuperAuth Integration

    If you haven’t heard of it before, SuperAuth is an amazing platform to help you “go passwordless.” This unique software works by removing the need for usernames and passwords altogether and instead offers a single sign-on and automatic two-factor authentication option for your users. You can download and integrate SuperAuth Passwordless Authentication here.