Facebook explains when and why it peeps at your account

Venture Beat reached out to Facebook to find out when, exactly, employees can access a user’s account without entering their login credentials.

A Facebook spokesperson sent this answer:

We have rigorous administrative, physical, and technical controls in place to restrict employee access to user data. Our controls have been evaluated by independent third parties and confirmed multiple times by the Irish Data Protection Commissioner’s Office as part of their audit of our practices.

Access is tiered and limited by job function, and designated employees may only access the amount of information that’s necessary to carry out their job responsibilities, such as responding to bug reports or account support inquiries. Two separate systems are in place to detect suspicious patterns of behavior, and these systems produce reports once per week which are reviewed by two independent security teams.

We have a zero tolerance approach to abuse, and improper behavior results in termination.

Mobile Responsive Sites Boost Search Rankings for SMBs

Mobile optimization plays an important part in SEO rankings, but many small to medium-sized businesses are reluctant to invest into updating for mobile.

“A lot of SMBs are resistant to upgrading their website to be responsive. They’ll all tell you that SEO is a priority, and they want to rank high in the search results, but they’re often not willing to take that next step,” says Taylor. “Responsive websites can be fairly expensive and take a bit of time to build out, but it’s not really an option anymore. In order to be competitive in Google, companies are going to have to have mobile-friendly websites.”

~ Jay Taylor, managing director at Leverage Digital

Case Studies: Fixing Hacked Sites

In hopes to provide help to other webmasters who have been victims of hacking, Google shares two different stories of websites that had been hacked and then cleaned up by their owners, one of a restaurant website with multiple hack-injected scripts and another of a professional website with lots of hard to find hacked pages.

Cleaning up a hacked website is usually an involved task that often requires hiring a professional. Google advises to void the hassle by following a few simple steps to minimize chances of being hacked:

  • Avoid using FTP when transferring files to your servers. FTP does not encrypt any traffic, including passwords. Instead, use SFTP, which will encrypt everything, including your password, as a protection against eavesdroppers examining network traffic.
  • Check the permissions on sensitive files like .htaccess. Your hosting provider may be able to assist you if you need help. The .htaccess file can be used to improve and protect your site, but it can also be used for malicious hacks if they are able to gain access to it.
  • Be vigilant and look for new and unfamiliar users in your administrative panel and any other place where there may be users that can modify your site.

Check It Out: 25 Worst Passwords of 2014 (Not Still Using 123456, Are You?)

SplashData has announced its annual list of the 25 most common passwords found on the Internet which makes them the worst passwords that will expose anybody to being hacked or even identity theft.

“Passwords based on simple patterns on your keyboard remain popular despite how weak they are. Any password using numbers alone should be avoided, especially sequences. As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure.” ~ Morgan Slain, CEO of SplashData

Read the full article for more details and tips on keeping your data secure with good passwords.

4 Online Shopping Myths Busted

There are some major assumptions that drive retailer strategy that don’t have a basis in reality, according to some recent analysis from McKinsey & Company.

According to some recent McKinsey survey research, there are four e-commerce myths that keep retailers heading in the wrong direction. Move past them, and you’re likely to position yourself more effectively going forward.

3 security mistakes small companies make and how to avoid them

Just about every organisation is dependent on computers but dedicated IT staff are a luxury most very small businesses can’t afford. But they still need to find a way to secure their computers against cybercriminals that aren’t going to give them a break just because they’re small.

Follow Mark Stockley’s pointers about full disk encryption, making good backups, and dangers of using outdated operating systems (Windows XP anyone?) and stay safe.

10 Must Know Image Optimization Tips

Good guide on image optimization for new retail business owners as well as for seasoned retailers from Shopify. Very helpful for getting noticed by search engines and helping with sales.