Entradas

Publicado el

5 Indica que la estrategia de seguridad del sitio web de su pequeña empresa necesita renovación

Vivimos en una era en la que los ciberataques están empeorando cada vez más.  

De 2015 a 2016, por ejemplo, hubo un aumento significativo del 32% en el número de sitios hackeados, y un aumento del 18% de 2017 a 2018.

Y aquí hay otro hecho muy sorprendente: cada diez ciberataques en el mundo, al menos siete están dirigidos a pequeñas y medianas empresas, o empresas que tienen doscientos cincuenta empleados.

Además, es que la mayoría de estas pequeñas y medianas empresas hacen un trabajo bastante pobre con la ciberseguridad, teniendo un equipo de TI muy subdesarrollado y subfinanciado en contraste con las organizaciones más grandes.

Es realmente por esta razón que los sitios web de las pequeñas y medianas empresas son los más vulnerables.

Así que como propietario de una PYME usted mismo, no debe dudar en preguntarse si la estrategia de seguridad de su sitio web necesita cualquier renovación o modificación.

Pero, ¿cómo saber si la estrategia de seguridad de su sitio web necesita ser reelaborada? Si alguno de los siguientes son una realidad:

1. Carece de un plan de respuesta de seguridad

Un plan de respuesta a un ciberataque es algo que es de vital importancia para cualquier negocio. En el fondo, esto significa que un empleado necesita saber qué hacer cuando se produce una violación.

Sé honesto contigo mismo…  

¿Te has preguntado cómo responderás cuando sospeches que ha ocurrido un ciberataque?  

¿Cómo va a averiguar qué tipo de ataque ha ocurrido?  

¿Cómo sabrás el alcance total del daño?  

¿Y cómo tomará sin medidas para asegurarse de que esto no vuelva a suceder?

En resumen, lo que necesita es un Plan de Respuesta a Incidentes de Ciberseguridad. Un buen plan asegurará la participación de las partes interesadas clave, asignará roles a sus empleados, garantizará una comunicación adecuada y realizará pruebas y ejercicio de forma regular.

2. No estás automatizando las actualizaciones de seguridad

Automatizar las actualizaciones de seguridad de su sitio web o blogs plugins, sus temas, software, etc. es una buena manera para mantener su seguridad completamente actualizada, mientras que también requiere un trabajo muy mínimo para usted.

Con el fin de automatizar el escaneo y la aplicación de parches de las diversas características de su sitio web, tendrá que implementar una solución de seguridad sobre su sitio web que le proporcione esta capacidad, o de otra manera asociarse con un proveedor externo que pueda hacer esto por usted.

Recuerde, siempre y cuando sus temas, software, plugins, etc. sean de desarrolladores de buena reputación, estarán constantemente trabajando las 24 horas del día para asegurarse de que sus programas se mantengan actualizados desde un punto de vista de seguridad.

La ejecución de actualizaciones automáticas garantiza que su sitio web se mantenga seguro tan pronto como se realice una nueva actualización.

3. No está usando cortafuegos

Su firewall, o un sistema de seguridad de red diseñado para evitar el acceso no autorizado a su sitio web, es su primera línea de defensa contra los piratas informáticos.

De hecho, la FCC va tan lejos como para recomendar que todas las pequeñas y medianas empresas establezcan un cortafuegos a través de sus redes con el fin de crear un muro entre los ciberatacantes y sus datos.

Usted querrá tener tanto un firewall externo estándar como firewalls internos para un nivel adicional de protección. Con todo, si no tiene sin un cortafuegos configurado, eso es una clara señal de que la seguridad de su sitio web es muy débil en el mejor de los casos.

4. No ha respaldado sus datos

¿Qué sucede si su sitio web es hackeado y cerrado?  

Así es, vas a perder todos tus datos.

Pero no perderás todo si tomas medidas para respaldar tu sitio web en su lugar.

Debe crear copias de seguridad de su sitio web con regularidad y también debe almacenarlas en varias ubicaciones.

Puede hacer una copia de seguridad de su sitio web de varias maneras, incluyendo el uso de un plugin (como UpdraftPlus si su sitio se ejecuta en WordPress), utilizando su host web o utilizando la nube. En todo caso, debería almacenar más de una copia de seguridad.

5. No ha entrenado ni educado a sus empleados

Por último, pero no menos importante, usted puede saber todo lo que hay que saber acerca de la ciberseguridad, pero ¿qué pasa con sus empleados.

Una regla básica en su empresa debe ser que cualquier empleado que acceda a su red necesita ser enseñado e informado sobre buenas prácticas de seguridad de red y recibir actualizaciones sobre los protocolos. La mayoría de los empleados (y las personas en general), sin dirección, utilizarán cualquier software con el que se sientan más cómodos.

Eso podría significar aplicaciones comunes de Microsoft o Apple, o podría significar cualquier número de herramientas de código abierto. En cualquier caso, muchas aplicaciones populares, ya sean de pago o gratuitas, están llenas de agujeros de seguridad. Para garantizar que los empleados utilicen el software adecuado, deben recibir capacitación y re-formación. (¡También necesitan "actualizaciones"!)

Sin Usted también debe hacer que sus empleados firmen documentos que confirmen que se les han enseñado sus prácticas de seguridad y comprender las ramificaciones que vendrán con el incumplimiento de las políticas de seguridad de su empresa.

Conclusión

Para concluir, si actualmente está cometiendo cualquiera de los errores anteriores, entonces su estrategia de seguridad del sitio web es probablemente necesitada de algún arreglo.

La seguridad del sitio web es tan importante porque los hackers son cada vez más avanzados en sus métodos día a día.  Y dado que las pequeñas y medianas empresas son actualmente el mayor objetivo para los hackers, es absolutamente crítico que la seguridad cibernética sea una prioridad para usted.

Publicado el

5 Signs Your Small Business’s Website Security Strategy Needs Revamping

We live in an era where cyberattacks are only getting increasingly worse.  

From 2015 through 2016, for instance, there was a significant 32% increase in the number of hacked sites, and an 18% increase from 2017 through 2018.

And here’s another very startling fact: out every ten cyberattacks in the world, at least seven are aimed at small to medium sized businesses, or businesses that have two hundred and fifty employees.

What’s more, is that most of these small to medium sized businesses do a rather poor job with cybersecurity, having a greatly underdeveloped and underfunded IT team in contrast to larger organizations.

It’s really for this reason that the websites of small to medium sized businesses are the most vulnerable.

So as the owner of an SMB yourself, you shouldn’t hesitate to ask yourself if your website’s security strategy is in need of any revamping or modifications.

But how do you know if your website’s security strategy needs to be reworked? If any of the following are are a reality:

1. You Lack A Security Response Plan

A response plan to a cyberattack is something that is vitally importnat for any business to have. At its heart, this means that an employee needs to know what to do when a breach does occur.

Be honest with yourself…  

Have you asked yourself how you will respond when you suspect a cyberattack has occurred?  

How will you find out which type of attack has occurred?  

How will you know the full extent of the damage?  

And how will you take action to ensure that this never happens again?

In short, what you need is a Cybersecurity Incident Response Plan. A good plan will secure participation from the key stakeholders, assign roles to your employees, ensure proper communication, and run tests and exercise on a regular basis.

2. You’re Not Automating Security Updates

Automating security updates of your website or blogging plugins, your themes, software, and so on is a good way for you to keep your security fully up to date while also requiring very minimal work to you.

In order to automate the scanning and patching of your website’s various features, you’ll need to either implement a security solution over your website that gives you this capability, or otherwise partner with an outside vendor who can do this for you.

Remember, so long as your themes, software, plugins, and so on are from reputable developers, they will consistently be working around the clock to ensure that their programs are kept up to date from a security standpoint.

Running automatic updates ensures that your website is kept safe as soon as a new update is made.

3. You’re Not Using Firewalls

Your firewall, or a network security system designed to prevent unauthorized access to your website, is your first line of defense against hackers.

In fact, the FCC goes as far as to recommend that all small to medium sized businesses set up a firewall over their networks in order to create a wall between cyber attackers and your data.

You’ll want to have both a standard external firewall as well as internal firewalls for an extra level of protection. All in all, if you don’t have a firewall set up, that’s a clear sign that the security of your website is very weak at best.

4. You Haven’t Backed Up Your Data

What happens if your website is hacked and shut down?  

That’s right, you’re going to lose all of your data.

But you won’t lose all of it if you take action to backup your website instead.

You need to create backups of your website regularly, and you also need to store those backups in multiple locations.

You can backup your website in a number of ways, including by using a plugin (such as UpdraftPlus if your site is run on WordPress), using your web host, or by using the cloud. If anything, you should be storing more than just one backup.

5. You Haven’t Trained or Educated Your Employees

Last but not least, you can know all there is to know about cybersecurity, but what about your employees.

A basic rule at your company needs to be that any employee accessing your network need to be taught and informed on good network security practices and receive updates on protocols. Most employees (and people in general), lacking direction, will use whatever software they are most comfortable with.

That could mean common out of the box applications by Microsoft or Apple, or it could mean any number of open source tools. In either case, many popular apps – whether paid or free – are fraught with security holes. To ensure that employees use the right software, they must be trained and re-trained. (They need “updates” too!)

Without You should also have your employees sign documents confirming that they have been taught your security practices and understand the ramifications that will come with failing to follow the security policies of your company.

Conclusion

To conclude, if you’re currently making any of the above mistakes, then your website security strategy is probably in dire need of some fixing.

Website security is so important because hackers are becoming more advanced in their methods day by day.  And since small to medium sized businesses are currently the biggest target for hackers, it is absolutely critical that cyber security be a top priority for you.

Publicado el

WPeMatico Опубликовать 2 Электронная почта

Еще один отличный плагин, который не видел так много является аддон WPeMatico опубликовать 2 Email.

Можете ли вы представить себе веб-сайт принимая сообщение из различных каналов или веб-сайтов и отправки их в качестве электронной почты для различных счетов? WpeMatico опубликовать 2 Электронная почта может сделать это произойдет и многое другое. Считается, что принять каждый пост автоматически из каждого канала созданных кампаний и отправить их на учетную запись электронной почты, которая будет проверена на некоторые автоматические службы, чтобы опубликовать его, например, в другом WordPress, список писем, форумы или любую услугу, которая позволяет сообщения или распространение по электронной почте.

Это дополнение позволяет использовать WPeMatico с веб-сайта WordPress и отправлять читать сообщения из каждой кампании по электронной почте. Каждая кампания позволяет отправлять контент на различные учетные записи электронной почты.

Таким образом, он может размещать с уникального веб-сайта с Плагином WPeMatico на многих различных сайтах WordPress.

Воспользуйтесь 25% код скидки! Код купона: ([JUN1725]Заполните код и получите скидку на экране оформления.)

Publicado el

WPeMatico publicar 2 e-mails

Outro plugin excelente que não foi visto tanto é o addon WPeMatico publicar 2 Email.

Você pode imaginar um site postando de diferentes feeds ou sites e enviando-os como e-mails para diferentes contas? WpeMatico publicar 2 E-mail pode fazer isso acontecer e muito mais. Acredita-se que cada postagem automaticamente de cada feed das campanhas criadas e enviá-los para uma conta de e-mail que será verificada para algum serviço automático para publicá-lo, por exemplo, em outro WordPress, uma lista de e-mails, fóruns ou qualquer serviço que permita posts ou distribuição por e-mail.

Este Complemento permite usar o WPeMatico a partir de um site do WordPress e enviar as postagens de leitura de cada campanha para uma conta de e-mail. Cada campanha permite o envio de conteúdo para diferentes contas de e-mail.

Portanto, ele pode postar a partir de um site exclusivo com plugin WPeMatico para muitos sites diferentes do WordPress.

Aproveite o código de desconto de 25%! Código do cupo[JUN1725]m: (Preencha o código e obtenha o desconto na tela de checkout.)

Publicado el

WPeMatico Publicar 2 Correo electrónico

Otro excelente plugin que no se ha visto tanto es el addon WPeMatico publicar 2 Email.

¿Te imaginas un sitio web que publica desde diferentes feeds o sitios web y los envía como correos electrónicos a diferentes cuentas? WpeMatico publicar 2 Email puede hacer que esto suceda y mucho más. Se piensa tomar cada publicación automáticamente de cada feed de las campañas creadas y enviarlos a una cuenta de correo electrónico que se comprobará para algún servicio automático para publicarlo, por ejemplo, en otro WordPress, una lista de correos electrónicos, foros o cualquier servicio que permita publicaciones o distribución por correo electrónico.

Este complemento permite utilizar WPeMatico desde un sitio web de WordPress y enviar las publicaciones de lectura de cada campaña a una cuenta de correo electrónico. Cada campaña permite enviar contenido a diferentes cuentas de correo electrónico.

Por lo tanto, puede publicar desde un sitio web único con el plugin WPeMatico a muchos sitios web de WordPress diferentes.

¡Aprovecha el código de descuento del 25%! Código del cupó[JUN1725]n: (Rellene el código y obtenga el descuento en la pantalla de pago.)

Publicado el

WPeMatico Publish 2 Email

Another excellent plugin which haven’t been saw so much is the addon WPeMatico publish 2 Email.

Can you imagine a website taking post from different feeds or websites and sending them as emails to different accounts? WpeMatico publish 2 Email can make this to happen and so much more. It is thinked to take each post automatically from every feed of the created campaigns and send them to an email account which will be checked for some automatic service to publish it, for example, in another WordPress, an emails list, forums or any service that allows posts or distribution by email.

This Add-on allows to use WPeMatico from a WordPress website and to send the read posts from each campaign to an email account. Each campaign allows sending content to different email accounts.

Therefore, it can post from a unique website with WPeMatico plugin to many different WordPress websites.

Take advantage of the 25% discount code! Coupon code: [JUN1725] (Fill in the code and get the discount in the Checkout screen.)

Publicado el

EDD MercadoPago 1.3.2 version

MercadoPago is one of the largest and most important payment gateways for many Central and South America countries.

This platform allows the payment of products and services electronically through many different payment methods. They work with national and international credit cards. Payment links, QR payments, offline and cash payment methods through companies given in each country.

This allows a very important and necessary flexibility when it comes to checkout a sale.

Our EDD MercadoPago plugin is an integration of this payment gateway with Easy Digital Downloads plugin to sell digital products with WordPress. From eBooks, to WordPress plugins, to PDF files and more, they make selling digital products a breeze. Easy Digital Downloads is simple to use and free to download.

MercadoPago continues to make improvements to its platform, and so do we. In this new version we’ve included the “Binary Mode” for the Custom Checkout, that allows it to request a successful/failed purchase status immediately.

We have tested it in many countries such as Mexico, Colombia, Argentina, Brazil, Chile, etc. Thus simplifying e-commerce for Latin American countries and without risks.

In addition, a fix was added that corrects the redirection of a failed purchase in the Custom Checkout and we’ve added the portuguese translations files in it.

Take a look at the entire product page with its features here.
Publicado el

WPeMatico New 2.5 Version

Highly recommended update, this version has important changes in terms of plugin security. Almost all of them requested by WordPress.org plugin moderators after a strict revision to follow the development standards of WordPress coding.
It is recommended to test it on development servers before implementing it on production sites.

The use of cURL and own download functions were replaced by WordPress file processing functions and remote file retrieval functions.

Take a look at the release note at http://www.wpematico.com/wpematico-free-core-v2-5/ It has a discount code inside for its extensions!

Publicado el

New major version WPeMatico 2.4

We released version 2.4 of WPeMatico.

In this version there is an outstanding feature that is the new external cron process.
From now on we have deprecated the calling to the old file wpe-cron.php
We still have it to keep the compatibility backwards, but if you use external cron you would have to modify the call to the new URL that follows the WordPress standards.
We’ll keep it a few more weeks and we’ll announce in the administration screens that it will be removed.

This new process to run with cron follows strictly the WordPress standards, cancelling external calls to configuration files, improving performance and data processing for the execution of the campaigns.

So much in so little.

A major version composed of several minor versions.

Although it seems that there are no big changes because it is a major version, we have divided all the new features and fixes in several small releases.
This helps not to deal with all the changes together, reducing dramatically the error margins and the generation of bugs with their corresponding support tickets.

So many of the features listed below were added and several more that come in the following minor releases.

Changelog

  • Added custom statuses to campaigns.
  • Improved from scratch external cron processes . If you use external cron, you should take a look at the new URLs in Configuration.
  • Improved insertion of tags and categories in messages.
  • Added possibility to add tags in the post type Topics of BBPress.
  • Resolves a problem when getting the source coding chrset
  • Solves a problem in the controls of duplicated by hash.
  • We changed the transient name from encoding_hosts to wpematico_encoding_hosts.
  • Increased transient cache time of encoding_hosts to 6 hours.
  • Improved security when saving data in all admin screens.
  • Fixes a reported vulnerability that was only available to users who could access the WPeMatico Settings screen.
  • Implementation of the sections by WordPress filters in the different tabs of the Settings.
  • Installed extensions are now showed in the plugins page in the row of the WPeMatico plugin.
  • Fixes some warnings on the Licenses page.
  • Fixes the Uncaught Error: Calling a get_columns() member function on the page…
  • Changed the constants printed in the debug file to a limited white list of them.
  • Fixes some problems with multiple alerts in the campaign edit js.
  • We fixed many bugs based on your feedback. Thanks for helping us out!

Take a look and download it from WordPress.org by clicking here!

Do you want to know more about the best plugin to publish in WordPress automatically from feeds? Click here.
Publicado el

New EDD AddOn: Mercado Pago Payment Gateway

Release Notes

We are very happy today because we are publicly launching our payment gateway ‘Mercado Pago’ for Easy Digital Downloads!

Easy Digital Downloads (EDD), created by Pippin Williamson, is a free e-commerce plugin from WordPress that focuses exclusively on digital products and can also be easily used for services or any online sale. Its main objective is to make the sale of digital products simple and complete. A great thing about Easy Digital Downloads is that it can be mounted and used immediately and is also quite lighter in speed and resource consumption compared to other e-commerce stores. Its excellent coding allows to integrate external extensions such as the sale of software with licenses or recurring payments among the most used.

EDD-mercadopago joined etruel a few months ago and we have been working hard, but also enthusiastically on it, creating a totally new and intuitive product. It works completely integrated with EDD in Checkout Basic mode and is compatible with EDD Software Licenses.

However, if you need compatibility with EDD Recurring it is also possible to do it with Custom Checkout, but for now it only works with credit cards and with a purchase form integrated in the checkout of the store. It does not use the recurring payments of Mercado Pago but those of Easy Digital Downloads generating movements in the activity of the account of Mercado Pago as common purchases.

To see more features take a look at the product page at https://etruel.com/downloads/edd-mercado-pago/

Development notes

In these months we notice that the API of Mercado Pago is quite harsh with a lot of information mixed between old and new APIs, and that for Custom Checkout it does not have a total testing environment as it does for the Basic Checkout.
For this reason, also knowing the needs of many users and also having a full and functional version tested with the Basic Checkout and everything possible with the Custom, we decided to release the product and continue working, debugging and improving the plugin while we enable it for purchases and use it in production environments.
This will allow end users to use it and give us their opinions and suggestions as well as needs that may arise to implement new functions to the plugin.

Price Notes

As a new product is launched at promotional price with a discount code with one month duration. Use the code 30EDDMP to get a 30% discount before the coupon expires!

Go to the Product Page!