They Ask, You Answer Mastery

A coaching & training program that drives unmatched sales & marketing results.


Sales Performance Mastery

Improve the competencies and close rates of your sales organization.

Web design

Website Mastery

Web design, development & training for your team.


HubSpot Mastery

Everything you need to get the most from HubSpot.

AI Mastery

AI Enablement Mastery

Unlock the power of AI in all aspects of your revenue operations.

Discover how IMPACT’s services can help take your business to the next level. Book a free 30-minute coaching session Book a free 30-minute coaching session
Learning Center
Learning Center

Learning Center

Free resources to help you improve the way you market, sell and grow your business.

Discover how IMPACT’s services can help take your business to the next level. Book a free 30-minute coaching session Book a free 30-minute coaching session

Free: Assessment Does your website build trust with buyers and bring in revenue?

Score My Website

Free: Assessment

Does your website build trust with buyers and bring in revenue?
Take this free 6 question assessment and learn how your website can start living up to its potential.
Score My Website
Web Design  |   Data Security

7 Quick Wins For Improving Your Website Security (& Winning Trust)

Katie Coelho

By Katie Coelho

Jun 8, 2018

7 Quick Wins For Improving Your Website Security (& Winning Trust)

Would you tell someone you didn’t trust your biggest secret? How about loan them money?

No matter how trusting you are, I’d bet money you’d think twice about doing either of these things -- and most consumers would too.

Data security, whether it be financial or otherwise, is more important now than ever.

Not only are there more attempted and successful breaches as time passes, but the public is becoming more and more aware of their need to protect themselves especially when it comes to the websites they use.

With GDPR now in full force, many marketers are paying increased attention to what and how they control their website privacy and security for users - especially because there can be legal (and in turn, financial) consequences.

In wake of this, worldwide cybersecurity spending is expected to reach $96 billion in 2018, but, there are plenty of quick and less expensive updates you can make to your site right now to help improve your security and protect your site visitors.

Trust in your brand includes trust in the platform visitors are reading information on.

If your CMS is unreliable or you don’t do a great job at explaining data security to users, they’ll most likely find the information they’re looking for elsewhere.

Here are a few website security quick wins we regularly help clients with.

Quick Wins for Improving Your Website Security

1. Use Reliable/Credible Hosting

Hosting is where your website lives and how pages appear at your domain. Some hosting platforms can be hacked and information can be compromised if the correct security measures are not in place.

Knowing this, at IMPACT, we mostly recommend using HubSpot or WordPress.

HubSpot has a page dedicated to its software & platform security, but what you need to know is that they’ve built every essential protection into their software and hosting, and do regular audits to ensure that everything is up and running securely.

For example, HubSpot protects every portal and session with top-end in-transit encryption, advanced TLS (1.0, 1.1, and 1.2) protocols, and 2,048-bit keys.

On the other hand, when using WordPress as a CMS, we recommend hosting with WPengine.

As they say, WPengine “dynamically inspects traffic, looking for new kinds of attacks, or patterns of requests from certain locations that indicate nefarious activity, and we block many of those attacks automatically.”

This is important because their system automatically protects against known and usual threats, but will also be on the lookout and notify you if there is some type of vulnerability. Essentially, someone is on the lookout for you so you can be at ease.

You can learn more about WordPress’ added security here.

In addition to hosting your website with a reputable source, ensure that the CDN (content delivery network) has data centers in multiple locations.

“Proper physical security, both in terms of electronic surveillance, access controls, and on-site security guards reduce the risk associated with bad actors attempting to gain site access,” shares Cloudflare.

Having multiple locations storing your data is important because if one location gets compromised, the others will still have backups of your data.

Even though you’d think the internet is just floating around in technology land, there actually are physical servers storing data - and those need to be protected too.

In short, not only does your hosting matter, but the company structure and physical server locations and security can affect your protection as well.

So, do your research and find the best fit for your company and audience demands.

2. Switching to SSL

SSL stands for Secure Sockets Layer and keeps the internet connection secure to protect any essential data transfer on your site.

In other words, it ensures your internet activity is secure. This is important because if you don’t have the SSL on your site, users cannot establish a secure connection and data passed between server and browsers is not private.

When you install an SSL, it adds the green secure lock and HTTPS prior to your URL. Most users know to look for this now, and take it into consideration when deciding whether to purchase from a website or even fill out a form on it.

Because Google wants users to have secure data and information, they also require SSL and alter rankings for sites with it.

For a low cost, you can add SSL on to your WordPress site, and HubSpot has a completely free option for its current users.

Already in the process? Good for you! This article goes into detail about switching to SSL and the errors that some companies have made.

3. HTTP/2

Being that this quick win is a bit more technical, the following information is from Kinsta.


First, What Is HTTP?

“The Hypertext Transfer Protocol (HTTP), the simple, constrained, and ultimately boring application layer protocol forms the foundation of the World Wide Web”


Second, What Is HTTP/2?

“The most recent version, HTTP1.1 has served the cyber world for over 15 years. Web pages in the current era of dynamic information updates, resource-intensive multimedia content formats and excessive inclination toward web performance have placed old protocol technologies in the legacy category.

These trends necessitate significant HTTP/2 changes to improve the internet experience.”

HTTP/2 is the second version (though there have been iterations of the first version) that forms the foundation of the world wide web - essentially making websites possible.


Why Create HTTP/2?

“The primary goal with research and development for a new version of HTTP centers around three qualities rarely associated with a single network protocol without necessitating additional networking technologies – simplicity, high performance, and robustness.”

Essentially, HTTP/2 is needed because it’s an improved protocol that incorporates more secure measures, and by updating your site to these measures, you’ll have the most up-to-date version running.

Here’s some more information on how to set up HTTP/2, but what you need to know is that this is done via your domain manager.

4. For Plugins, Keep it Simple

When using WordPress or a similar tool, you will likely need plugins to appropriately track data and run specific features on your site.

These additions, often from third-parties, however, give more systems access to your site and in turn, open the door to more opportunities to be hacked. It’s one of the biggest concerns many have with WordPress.

Having out-of-date or insecure plugins can make even a previously secure site to become vulnerable.

Even having too many plugins can be an issue, if you’re not good about updating your plugins regularly. Any of these issues combined can create an opportunity for hacking and data compromise.

So, we’re recommending:

  • Do research on plugins for your site (make sure they have standards for security)
  • Keep the number of plugins to a minimum
  • Ensure all plugins are up-to-date; Perhaps have a set day each week on which you do this.

5. GDPR compliance

As of May 25th, GDPR is in full effect and companies that operate in the U.S. are now subject to its law and regulations surrounding their marketing - even though the law is upheld within the EU.

When it comes down to it (related to security of data), GDPR requires that:

  • You have a software/website CRM that’s capable of deleting all user information you’ve collected
  • You have a checkbox or option on forms to opt-in for info or communication from your company (essentially storing their data and using it to contact them)
  • You notify users that cookies are tracked on your website for improved usability

If using HubSpot, these updates are simple to make. In fact, the platform made it a priority to add new features to meet these regulations, including “complete data delete.”

Not only is it important from a user trust standpoint to ensure that these features are on your site, but with the hacking and selling of data, these regulations were created to protect consumers data from careless businesses.

These are the times we live in and digital data protection is everything.

6. Notify Users on Data Collection

By notifying users on the type of data you collect and store, you’re helping users better understand what information they are actually willing to give.

For instance, if you love getting product suggestions from Amazon, you’ll have no problem having them access your purchase data, but if you’re registering for a webinar and see your information may be shared with the third-party provider, perhaps you’d refrain.  

Some examples of notifications can include:

  • A hello bar notifying of your privacy policy or that cookies are being tracked
  • A simple to read and understand privacy policy link in your footers and next to forms
  • Pop-up notifications warning users of any information you need to collect and WHY
  • A checkbox on forms so users understand how their information will be used

A real-life example can be seen on IMPACT’s site:


These updates should not require a heavy lift, but you may need someone technical for a hello bar or pop up.

7. Using a Password Manager

Last, but definitely not least, always use a password manager with ultra-secure passwords for your CMS, domain, etc..

There is vulnerability in reusing passwords, or using common words or phrases as, after someone gets a hold of it, it’s easy  to test and reuse it on other websites. Simple passwords are also easily hacked by bots.

A few password managers we recommend are:

It All Comes Down to Trust

Talking about the security of your website can be overwhelming and technical, but by implementing even one of the quick wins listed above and you can not only rest easier knowing your information is safe, but your visitors, prospects, and customers can as well.

Trust is one of the biggest emotional factors at play in people’s purchase decisions.

By taking the steps to make your website more secure, you’ll make visitors more comfortable converting, and ultimately, doing business with you.

Even though you may have a million other priorities, security has to make it to the top of your list and it’s essential you revisit it often!

Free: Assessment

Does your website build trust with buyers and bring in revenue?
Take this free 6 question assessment and learn how your website can start living up to its potential.

Related Articles

10 Pricing Page Examples for Business Websites (Updated for 2024)

November 30, 2023
Connor DeLaney Connor DeLaney

The Hidden Costs of a Cheap Website

November 29, 2023
Vin Gaeta Vin Gaeta

The Website Experience Your Customers Are Yearning For

November 27, 2023
Mary Brown Mary Brown

10 Examples of Company Profile Pages to Inspire Yours

November 22, 2023
John Becker John Becker

Is It Time for an AI-powered Chatbot on Your Website?

November 21, 2023
Will Smith Will Smith

Think of Your Business as ‘E-Commerce’ — No Matter What You Sell

November 15, 2023
John Becker John Becker

8 of the Best Business Website Designs to Inspire You in 2024

November 1, 2023
John Becker John Becker

Your Website in 2024: The Future of Trends, Tech, and Traffic

November 1, 2023
Vin Gaeta Vin Gaeta

Create Better Website Videos by Avoiding These 3 Mistakes

October 25, 2023
Katie Coelho Katie Coelho

4 Ways To Recession-proof Your Website In 2024

October 22, 2023
Marcus Sheridan Marcus Sheridan

Business Leaders: Do You ‘Own’ Your Own Website?

October 16, 2023
Mary Brown Mary Brown

Can I Use AI Tools To Build My New Website?

September 18, 2023
Vin Gaeta Vin Gaeta

What Is a 'Learning Center' and Why Does My Website Need One?

September 14, 2023
John Becker John Becker

How Much Does a Website Redesign Cost in 2023?

July 20, 2023
Vin Gaeta Vin Gaeta

Do You Need a New Website? Maybe Not

July 19, 2023
Vin Gaeta Vin Gaeta

14 Award-Winning Website Designs (& What They Did Right)

July 17, 2023
Christine Austin Christine Austin

What a New Self-Selection Tool for Your Website Will Cost

July 13, 2023
John Becker John Becker

9 Self-Service Tools to Inspire Your Business Website

July 10, 2023
John Becker John Becker

What Does a Great Inbound Marketing Website Look Like in 2024?

May 16, 2023
Katie Coelho Katie Coelho

Your Website Strategy Must Include These 6 Things

March 20, 2023
Mary Brown Mary Brown

Website Conversions in 2023 — STOP, START, KEEP

January 25, 2023
Vin Gaeta Vin Gaeta

Website Mastery: A better redesign process for your business website

November 1, 2022
John Becker John Becker

8 Best Content Management Systems for Digital Marketing in 2023

October 1, 2022
Katie Coelho Katie Coelho

12 Essential Tips for Improving Your Web Design in 2023

September 13, 2022
Christine Austin Christine Austin

23 of the Best Examples of Business Blog Design

May 30, 2022
Christine Austin Christine Austin