SafetyDetectives spoke with Dolapo Olisa, the Tech Lead at Charisol Limited, about different cybersecurity challenges in apps and websites, how to patch them, and some great tips on how business owners can protect themselves from hackers.
Can you tell me about Charisol and the main services that you offer?
Simply put, digital product design and development. At Charisol, we build websites, applications, and software that power brands and the ideas they generate.
More nuanced, we are a one-stop technical partner for entrepreneurs and small businesses, especially in the early stage of software-based businesses.
Our most consistent offer is consultation. We diagnose the need, problem or opportunity. Not only at first when they come to us but throughout the life cycle of their business. More than consultation, we also provide solutions whether we are building software, connecting their business to hard-to-find talent/skills, or providing a blueprint to evolve their applications/websites towards delighting their users and growing revenue.
What makes Charisol unique?
We lead with grace. It’s in our name, and it’s the DNA of how we operate. We treat each other with it and, by extension, our clients. We are fierce advocates of the users of the applications and software we design and build.
We also have a blueprint that works very well for bootstrapping entrepreneurs. We try to answer the question – how can we limit money as a primary consideration with our solution?
What are some of the biggest vulnerabilities that you’ve seen in apps and websites, and how can you patch them?
Most applications are not designed to handle DDOS attacks. Denial Of Service attacks come in various shapes and sizes, but the most frequent one is someone flooding an application with requests until the application exceeds its infrastructure capacity or limits. Which then takes down the application and makes it unable to render service to paying users or customers.
One of the common ways we patch or solve this is by using a DNS provider that has DDOS protection. For instance, by simply putting your DNS registry behind Cloudflare, you can get the benefit of free DDOS protection for your application.
What are some steps that small business owners should take to improve their online security against hackers and data leaks?
- Don’t expose your DNS providers publically. Users shouldn’t be able to easily detect the URLs of your hosts
- Timely upgrades. Don’t use stale or outdated versions of core dependencies – e.g. WordPress, Node, etc
- Using tools like Dependabot to detect and patch code vulnerabilities
- Static code analysis like Veracode and sonar to detect security vulnerabilities
- Pen testing to detect infrastructure loopholes before hackers.
What can a business owner do if their site or product is hacked, how can they regain control and secure their data?
Seek the help of a professional. Reach out to Charisol. At least for an initial consultation. The plan of attack depends on the vulnerability being exploited and the security controls already in place.
Do you have any tips for our readers for protecting their online data from scammers and hackers?
- Look for trust signals on every website you visit. Things like the lock showing the website is secure. A site that doesn’t use HTTPS probably will be careless with your data.
- Avoid using the same password on multiple sites. If one is compromised, the easy thing to do is try the same password on other sites.
- Don’t click on links or open websites from sources you do not know. And when you do, only give information that the site should need.