For anyone looking to pursue photography as more than just a casual hobby, having your own website is a must.
Not only does it allow you to stand out, define your style, and build a strong brand image, it also gives you a platform to sell your work and share your portfolio in a professional and credible way.
However, for more photographers who decide to make this move into taking this business seriously, an essential element of this equation is rarely considered—your website security.
So much time and effort goes in to creating the perfect aesthetic, content, and user interface, that the important practice of making sure your website is actually secure, is often overlooked.
Unfortunately, by neglecting your website’s security, you’re jeopardizing it’s success, even your career in some cases. Suffering a cyberattack can be disastrous for the reputation of any artist, and there are many reasons you should do all that you can, to protect yourself.
Here are just a few reasons why you can’t afford to put yourself at risk by having sloppy website security practices, including easy remedies for each.
One of the greatest risks you face as a creative of any medium who shares work online, is the potential for theft.
Particularly as a photographer, as soon as your images can be seen on someone else’s computer screen, they can be lifted and passed off as another person’s work. This can be done as a malicious and targeted attack, or simply by an uneducated party, trying to find pictures to illustrate their own project.
Either way, losing your intellectual property is a devastating blow. Not only does it devalue you work, it also disregards the effort and skill you put in to it’s creation.
Although there’s no surefire way to prevent this type of theft, since sharing your photos online is a necessary evil that all good photographer-marketers must live with, there are a few steps you can take to drastically reduce the likelihood of it happening.
The Resolution: The first step you need to take is a simple one, but is surprisingly often overlooked by new photographers. That’s copyrighting your images.
Establishing your ownership of the photos will prevent honest people from stealing them. Many people do not realize that not stating copyright on your website as a whole, and again on each picture individually, actually legally puts your pictures in the public domain, so it’s essential to counteract this.
Unfortunately, there are many who will disregard copyright even when it’s made clear.
Further steps you can take to prevent theft of your work include:
• Photo Tiling. This is the practice of splitting your pictures into smaller squares and then re-assembling them on your website. Although it’s a very time-consuming practice, it subsequently requires a lot of effort for thieves, as they have to save each part individually and put them back together offline, so it’s a great deterrent.
• Reducing Quality. Uploading images in as low a quality as you can bear, makes them less desirable and therefore less of a target.
• Water Marking. Putting an obvious watermark on display photos means they can’t be re-used without an obvious credit to their source.
• Background Image. Uploading a photo as a CSS background image and covering it with a clear cover means that anyone saving the picture will simply get the blank cover image, rather than your actual photo.
Many photographers use their websites to attract clients and sell their work.
Any online business – creative or otherwise – needs to be extremely serious about their online security, especially if you’re processing payments on your site. Not only is this about avoiding attacks that could disable your site, but it also creates a stronger professional reputation and inspires trust with your customers.
Whether you contract simple malware that creates unsavory pop-ups on your website, or fall victim to a denial of service attack where your site is rendered unusable, once an infiltration has occurred, many people will become wary of ever returning, in fear of the risk to their own online security.
Similarly, you can end up with a particularly nasty infection called “ransomware” that will end up harming your bank account as well as your reputation. Like the name suggests, it involves hackers locking down your site until they receive a physical payment from you.
The Resolution: There is no full-proof way to guarantee the online safety of your business. However, one specific step you take to secure your website is to establish an SSL (Secure Sockets Layer) connection. This layer protects the connection by encrypting traffic between the browser and the website server itself, preventing hackers from accessing data or injecting malware.
Having an SSL certificate and icon displayed on your website is a universally recognized symbol of security. Not only does it increase your protection, it also instills a greater level of trust with your customers. If you want to ensure the highest level of online security, there are also third party companies like Netragard and Redspin who will perform a ‘penetration test’ to assess to reliably of your security systems.
What many people don’t realize when they create and administrate a website, is that it’s not just the content of the site itself, that’s at risk of theft.
Any personal information that is associated with your website is also a target for malicious hackers and cybercriminals. This includes email addresses, phone numbers, login details, and even credit card information for those who process payments.
Online identity theft is an ever-increasing problem and, while it might seem a world away from the worries you have when creating a photography website, it’s an essential concern for anyone sharing personal information on the internet, in any form.
This is particularly poignant to consider for those who access and update their site while on-the-go, as connecting to public WiFi networks is extremely insecure. Because of this, public WiFi networks have become a hotspot for cybercrime of this nature.
The Resolution: The safest way to protect yourself from hackers aiming to steal your information, is to use a Virtual Private Network (VPN). A VPN protects the connection between your device and the internet, meaning no prying eyes can access your data on insecure networks. The way it does this, is by encrypting the traffic that runs between your device and the VPN server, mimicking a private connection, before attaching to the internet.
The virtual tunnel that a VPN creates, means that cybercriminals can’t view your information and, therefore, can’t gain access to it.
It also re-assigns you the IP address of the server, instead of your own. So, you can access the internet anonymously and freely without worrying about data breaches.
Finally, it’s not just your own data that is put at risk when running a photography website.
Any visitors who access, subscribe, or purchase from your site are also vulnerable.
Selling photography online is a natural way to build your business and broaden your reach. However, handling payment transactions requires an extra level of commitment to security, as credit card information is some of the most sensitive details about a person, available on the internet.
If a customer loses money to theft as a result of first processing a transaction on your site, the damage it’ll have on your reputation could be irreversible.
Although the consequences are less severe, visitors who create an account on your site, or sign up as a subscriber to your blog, are also at risk of losing email addresses and passwords. Even something this simple could result in identity theft, or hackers gaining access to email accounts where many people store sensitive information.
As the administrator of your website, it’s your responsibility to ensure all of your visitors are protected.
The Resolution: As this is such a sensitive topic, there’s no shortage of information on how to ensure secure payment transactions on your website. Your best, and perhaps easiest, option is to choose a trusted third party credit card processor, such as Stripe or Paypal, that can handle these transactions safely for you.
Alongside this, the PCI-DSS (Payment Card Industry Data Security Standard) has been set up to help merchants who handle direct payment transactions. By heading to their website and completing a self-assessment form, the Security Standards Council will review the efficiency of the security measures you have in place, and work with you to improve them if need be.
Another important element to consider in regard to customer security is protecting passwords.
We all know that passwords are a key element to online safety. However, many of us are guilty of recycling simple combinations of frequently used passwords, for ease of remembering them. Unfortunately this makes it much easier for hackers to gain access to your seemingly secure accounts, and significantly increases your chance of attack.
Alongside ensuring your own password to administrate the site is complex and unique, it’s also wise to set mandatory password regulations for all users when they sign up.
A good complex password includes the following:
• A minimum password length; over 8 characters is recommended
• Avoidance of simple phrases such as “cat” or “password”
• The use of a variety of characters including capital letters, special characters, and numbers
• Lack of personal information such as birth dates and phone numbers
For most photographers, it’s easy to get caught up in the inspiration and artistic side of the business.
However, focusing on the practical details that can wreak havoc later down the line, is equally essential to your success.
Do you have any tips or best practices we missed? Share below and help others increase their website security, too.