#HowTo Be Sure You Choose a Safe and Secure Hosting Provider

In 2017, more than 317 million new pieces of malware were created, while each day 30,000 websites are hacked. These numbers might be shocking to some, but they’re nothing new to us. After all, cybercrime is now more profitable than the worldwide illegal drug trade.

The problem is that many hosting providers still haven’t caught up when it comes to your security. Their client's websites would be safer if they’d put in place up-to-date, advanced security practices. How do you know how safe your data is? How do you know whether or not all your hard work is going to be undone by a lax hosting provider? You need to ask the right questions.

Here are six key data security questions to ask when you find yourself in the process of reviewing and choosing your next hosting provider.

How Do You Backup Your Clients Data?

It’s a good idea to have as much data included in your backup as possible because a backup is the best form of defense against an attack. If your site is hacked, or disappears, a backup allows your site to be back online as soon as possible with barely any (if any) issues.

With so many websites being hacked each day all around the world, it’s imperative that any hosting provider has a recent backup copy of your data. This is the quickest way of ensuring you’re up and running again in the event of an attack.

Ask any potential hosting provider how they backup your data. What is their strategy on this front? What happens when they perform a major update - do they run a manual backup beforehand? A prior manual backup is important because your data can be retrieved if things go wrong and you need to restart the update. You could also ask if they perform a mere database backup, or if they perform a full backup.

Moreover, do they backup your whole site automatically and - if so - how often? Backups should be done regularly - preferably each day, or at least each week. This might sound like overkill but a monthly backup isn’t much use. Think about it: If you get to day 29 of a particular month and your site gets attacked, you will lose 29 days’ worth of data.

Where Do You Store My Data?

This might seem like an unusual question but here’s the thing: Because data is stored in data centers all around the world, you need to know whether or not your data is stored in a region that’s susceptible to natural disasters, like tropical storms. It might seem unlikely that a powerful natural event will wipe your data clean out - but it happens.

In our opinion, it’s always a good sign if the hosting provider uses different data centers to store your data. That way, they can just shift your data to another center in the event of an impending disaster.

What Is Your Security Policy?

It goes without saying that all hosting providers should have a security policy - and that you should be able to see it. A security policy shows you exactly how a hosting provider protects your company from attacks, as well as how they deal with security threats and their underlying technology stack.

Some providers like to keep things to the bare bones, arming you with an internet connection and server resources … whilst leaving you to take care of the security. This, however, isn’t good enough. What you ideally want is a thorough security solution that comprises things such as frequent anti-malware scans, regular server monitoring and mitigation of denial of service attacks.

You may also find that a hosting provider offers such security solutions - but that you have to pay extra. That should be fine if you cannot find a better hosting provider, have room in your budget and take security seriously.

On the other hand, if you don’t have room in your budget, you might have to take care of a few aspects of your security yourself. You might, for example, have to take care of performing anti-malware scans, regular server monitoring, encrypting your login pages and keeping your software up-to-date.

Do You Monitor Servers?

Another good sign that your data is going to be in good hands is if the hosting provider has a team that monitors servers, network devices and firewalls. These teams should be looking for unusual activity that indicates a possible attack attempt.

If the hosting provider has such a team, you could also ask if their logs are available to you and - if so - how long do they keep them for? Keeping them for a minimum of 30 days gives everyone the chance to return to them, looking for patterns that could be useful at the present time.

How Current Is Your Security Training?

It’s a smart idea to find out whether or not their IT team is up-to-date with the latest security training. Ask what security skills they possess. If you happen to notice any gaps, perhaps politely suggest that they take training to bring them up to speed.

For example, are they up-to-date with the latest software and tools, and how often do they carry out proprietary training? According to one expert, training which covers passwords, emails, websites and more should be repeated every 12 months.

How Responsive Is Your Tech and Customer Support?

When it comes to websites, things can - and do - go wrong. There will come a time when you’ll need to contact tech support, and it will be super helpful if the tech support can respond in a timely manner so that you’re up and running as soon as possible, and your data isn’t lost.

Ask any potential hosting provider about their tech and customer support. Find out if it’s available round-the-clock 24/7, and what their availability is like during the holidays, such as Christmas. Also, do they work weekends and what is their average response time? How quickly do they resolve issues on average, too? As a rule of thumb, a good customer response time for web hosting services is said to be between 1-5 hours.


Asking the right questions gets you places. When it comes to your next hosting provider, these data security questions will ensure you pick the one that’s right for you, and it will give you peace of mind that your data is in the right hands.

Because security is one area you definitely can’t do on the cheap, make sure to do a thorough check of hosting reviews before you make your final decision.

What’s Hot on Infosecurity Magazine?