Are Security Concerns Holding You Back From Marketing Innovation?

by Today's Eggspert

Last updated on January 26th, 2018

Incredibly, 32% of companies were victims of cybercrime in 2016. And 87% of CIOs believe their security controls are failing to keep their business protected.

When you’ve marketed your business effectively, you can enjoy numerous benefits such as increased brand awareness, high SERP visibility and abundant traffic.

Unfortunately, the more you grow your online presence, the more you are a target for cyber-criminals, hackers and other disreputable individuals.

2017 was a year when a number of high profile cyber-security disasters hit the news. In this current climate of fear, it’s understandable you might feel inclined to hold back on your marketing due to the risk of attracting unwanted attention.

Alternatively, you can learn about the potential risks that await you and do your best to keep yourself protected while moving forward.

Here are some of my tips for executing your marketing strategy in a safe and secure way.


WordPress is a platform that has become synonymous with business blogging, and it’s clear to see why. WordPress enables you to setup and maintain a fully functioning business blog with minimal technical skills – hence the platform’s popularity.

Unfortunately, WordPress is not impregnable and there have been numerous hacks in the past. In fact, statistics show that 73.2% of the world’s most popular WordPress installations have vulnerabilities which can be found using the software.

For this reason, most hackers deploy automated bots in order to find websites with weaknesses.

Once hacked, your WordPress site can be used to redirect visitors to other sites which provide revenue for the hackers, or viruses can be deployed in order to infect the hard-drives of your visitors and steal valuable information.

Ransomware is highly troubling and often transmitted through hacked sites. This kind of virus will encrypt all of your files and then force you to make a payment before decrypting them.

Use these tips to keep your WordPress site secure.

Keep Everything Updated

If you’re running an outdated version of WordPress, the list of vulnerabilities is already public knowledge. Hackers can use this information to find easy targets, so don’t allow your site to be one of them.

Fortunately, since WordPress 3.7 updates are automatically added, so this risk is reduced.

Likewise, all of your plugins and themes should be updated regularly as well, since they can provide a gateway to your personal information if you’re not careful. For this reason, you should not only deactivate but also delete plugins and themes that you’re no longer using.

Check out this useful article for keeping WordPress updated.

As a final preventative measure, the following piece of code will remove the WordPress version number from your site’s head – so hackers can’t ascertain if you’re using a dated version:

remove_action(‘wp_head’, ‘wp_generator’);

Use Complex Passwords

When generating WordPress (or any) passwords, I like to use the CLU formula. CLU stands for complex, long and unique.

Some of the worst common passwords in a 2015 study included: “qwerty,” “123456,” “baseball” and “dragon.” Perhaps the last one was due to the popularity of a certain television series in recent years.

Don’t pick anything obvious like this. Use a combination of cases, letters, numbers and special characters when choosing a password.

Two-Step Authentication

2 step verification

You may have heard of brute force attacks – they’re extremely common in cybercrime. Using automated software, hackers can roll through countless password combinations until they finally crack the code.

To prevent against this, it’s good to have an additional authentication step to ensure it’s a real person logging into your site instead of a malicious program.

A common form of two-step authentication requires a standard password and then requests a mobile number in order to send an additional code that the user must type in to log into their account.

I highly recommend installing Google Authenticator in order to keep your WordPress site secure.

As an additional preventative measure, try installing Login LockDown. This useful plugin allows you to limit the amount of login attempts from a specific IP address within a certain period of time – ensuring that your logins come from real people instead of software.

Rename Your Login URL

Because most WordPress attacks are automated, hackers are looking for the default WordPress login and admin URLs: wp-login.php & wp-admin.

If your login URL is uncommon, this is enough to prevent the vast majority of brute force attacks from occurring.

Try changing your login URL to something original like new_site_login.

You could also change your admin URL to new_site_admin.

As a final step, consider contacting a cyber security expert and booking a penetration test. This will reveal any vulnerabilities that you’re not aware of and you’ll be given a list of actions to implement in order to improve your site’s security.

Social Media

Unlike a WordPress site, social media attacks are often personal rather than automated. A malicious ex-employee may target your social media accounts as a way to discredit your brand.

In 2016, scams on social media increased by 150% – so it’s important to stay vigilant.

Multiple Passwords

As always, I recommend using the CLU formula for creating your social media passwords. However, it’s also a good idea to have different passwords for each of your accounts.

Particularly in the case of a personal attack, one account breached is a headache, but four is a nightmare.

Also, be sure to fill out your security answers as this adds another authentication step in order to access your account.

If you log into social media on your mobile devices, make sure that your phone is well protected.

Ironically, security software pioneer, John McAfee, recently had his Twitter account hacked. A hacker was able to compromise his mobile phone and intercept the security code during the two-step authentication process.

Limit Your Employee’s Usage of Social Media

Many companies have fallen victim to employees posting inappropriate content under the brand’s official name. Sometimes this can be funny, but more often than not, it erodes the integrity of your brand – as Chrysler found out.

chrysler autos

Across the pond, an employee of the British Ministry of Defence accidentally posted their disdain for London’s new architecture using the official @DefenceHQ Twitter account.

Twitter users also poked fun at the fact a governmental department incorrectly used the word ‘hung’ instead of ‘hanged.’

city of london

Always have a style guide to dictate the messaging, tone of voice and images used on your social media channels and only entrust social media posting to your most reliable (and sober) employees.

Also, ensure that your employees double check that they’ve logged out after posting content on your brand’s channels.

Be Careful With Sharing Personal Information

Countless soccer players have been robbed because their fixture lists are public knowledge, therefore thieves know when their houses will be unoccupied.

Especially if you’re posting as a personal brand, know that whenever you promote your latest tour or tradeshow appearance – thieves can use this information to their advantage.

Don’t be vocal about leaving your office or home for an extended period of time if you don’t have adequate security measures. This sounds paranoid, but it’s better to be safe than sorry.

Also, remember not to post other sensitive information such as your phone number or financial details. The more information criminals have, the easier it is to steal your identity.

As a final preventative measure, consider using ZeroFox to scan your social media profiles for fraudulent activity and malicious code.

Email Security

According to a study conducted by Symantec, 59% of consumers said that they were concerned about the safety of their personal information.

Having your mailing list or account information stolen will have disastrous consequences, as healthcare firm Anthem found out. In addition to accessing Anthem’s entire mailing list, hackers also gained access to social security details, income data and street addresses.

Your customers have entrusted you with their details, so treat email security with extreme importance.

Email Encryption

It’s worth investing in a premium email client. The best packages offer three-layer security, protecting:

  • The connection to your provider.
  • The email messages.
  • Your archived messages.

Encryption prevents eavesdroppers from intercepting messages and extracting vital information, such as financial details. The more layers of security you have, the better.

SendInc is a reputable web-based encryption service for sending secure emails.

Outbound Spam Filtering

Everyone is aware of inbound spam filtering – this protects your inbox from annoying marketers and devious phishers.

On the other hand, outbound filtering ensures that your IP account doesn’t end up distributing spam because hackers have compromised your inbox.

With a filter, you can identify individual users on your network and detect when spammy outbound emails are being sent. This is important in terms of security, but also to avoid getting your IP address blocked from recipient mail providers.

A good filter will analyze the long-term behavior of your users and immediately alert you when an anomaly occurs.

As a final word of warning, be cautious when outsourcing your email marketing.

63% of data breaches are due to poor outsourcing decisions. Just because you take the security of your clients seriously doesn’t mean an external company will – so scrutinize before you hire and ideally, keep your email marketing in-house.

Do you have any other tips for performing digital marketing in a safe and secure manner? I’d love to hear your responses in the comments below.

About the Author: Aaron Agius is an experienced search, content and social marketer. He has worked with some of the world’s largest and most recognized brands, including IBM, Coca-Cola, Target and others, to build their online presence. See more from Aaron at Louder Online, his blog, Facebook, Twitter, Google+ and LinkedIn

One Comment


Get updates on new articles, webinars and other opportunities:

Today’s Eggspert

This article was written by today's Daily Eggspert. If you would like to contribute as an Eggspert, please reach out to us here.


Comment Policy

Please join the conversation! We like long and thoughtful communication.
Abrupt comments and gibberish will not be approved. Please, only use your real name, not your business name or keywords. We rarely allow links in your comment.
Finally, please use your favorite personal social media profile for the website field.


Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. Anonymous says:
    February 23, 2018 at 3:22 am

    I didn’t know that the conversion rate for this was so high! Thanks for taking the time to write this, I’ve been email marketing for 3+ months and never even put messenger into my thoughts, ever. But, I can definitely add this to my arsenal!
    Awesome job well done!

Show Me My Heatmap

Click tracking, heat maps, and without a spreadsheet? Yes, please. is one solut...

Aimee Graeber


What makes people leave your website?