I've been attending the Search Marketing Expo in San Jose this week keeping up with all the latest and greatest in internet marketing. Monday's keynote was a presentation from Google's Matt Cutts and Bing's Duane Forrester in which they ran through examples of all the things they've seen through their "excellent adventures" in working for search engines (it was a Bill and Ted themed presentation). As an SEO in the software security space you can imagine my delight when Matt presented a couple slides on examples of hacked sites and likewise my dismay when he concluded the topic abruptly noting that, all you can do to protect yourself from hacking is keeping your software updated and patched.
I immediately fumed and complained immediately....on Twitter. I even went so far as to submit a question for the session asking if there were any plan to offer support for sites that are the victims of hacking in order to minimize any collateral SEO based or reputation based damage. It wasn't offered up by the moderator and I left the session smugly thinking, fools, you're all fools! /overdramatic re-enactment.
The Restoration of Faith
The very next day I was met with the following tweet circulating throughout conference attendees;
Every SEO and everyone at #SMX should know about our new site to help hacked sites: googlewebmastercentral.blogspot.com/2013/03/new-fi… Spread the word!
— Matt Cutts (@mattcutts) March 12, 2013
What!? Had I been heard? I was euphoric, not because I felt heard but because the message was getting the attention it deserves. Hacking is a real concern, there's not only the potential for private data to be stolen but specifically for SEO folks, there's potential for a rankings loss in search engines. When that happens all of a sudden your client's online revenue might take a big hit or worse, YOUR income takes a hit and potentially your reputation as an SEO/internet marketer.
As marketers we're used to moving at the speed of innovation but doing so often means exposing yourself to a high level of risk. What would you say to a client whose site was hacked as a result of that fancy new plugin you insisted they had to have? Sure the developers should have secured the code but ultimately as a webmaster you're making the decision to trust that brand and you should only be trusting software developers that take the time to secure their products.
We're all liable and collectively we need to push security awareness to the forefront of discussion and decisions.
So take a moment to explore Google's new resource for hacked sites and join me next week as I break down what they offer and add our own recommendations as well.