The VAR Guy Blog

10 Questions to Ask Your Hosting Provider

Research from SophosLabs, Sophos’ global network of threat intelligence centers, shows that 80 percent of websites where malicious content is detected are actually innocent sites that have been compromised by cybercriminals. Any site can be a target for this type of attack, from the largest global corporation to a local community volunteer organization.

The security of your website is something you cannot afford to ignore if your online reputation and the safety of your customers and visitors matters to you. One of the key choices when creating an online presence for your organization is choosing a hosting provider. There are many factors to consider including cost, bandwidth, resilience and additional services, but for now we will discuss only the security-related considerations.

Here are 10 questions you should be asking your hosting provider about features and services that will help to keep your site secure, covering general security practices, application security and operation of the site itself.

  1. What is your security policy?
  2. How do you handle security breaches?
  3. What is the platform under my application?
  4. Do you offer SSL (HTTPS)?
  5. Do you backup?
  6. Who is responsible for installing applications and CMS platforms (e.g. WordPress)?
  7. Can I disable applications and services I’m not using?
  8. Who is responsible for updating applications and software?
  9. Do you do any security monitoring?
  10. How are uploads secured?

For additional details, download the "Choosing a Hosting Provider" whitepaper from Sophos (no registration required).

Monthly guest blogs such as this one are part of The VAR Guy’s annual platinum sponsorship. Read all of Sophos‘ guest blogs here.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.