SMEs should make sure they understand potential security issues that can arise from incomplete or insecure website development, a leading IT security company has said.A new report from hacking specialist firm ‘encription’, cites a recent study which shows most web development companies fail to consider anti-hacker security when designing a website – through a lack of understanding of hacking, rather than laziness.And SMEs are particularly vulnerable to web designers’ foibles, as they often chose the lowest cost companies when looking to implement a new website.Tony McDowell, Director of encription says: "The sort of ‘open doors’ that a web developer can unintentionally give to a malicious hacker often include placing details on the web site that would allow a hacker to find valuable information; hosting the web site on a server that is not secure; leaving comments in the web site program that tell the hacker how the site works or using easy to guess passwords. "Unbelievably, the average hacker can crack a four digit password in less than five minutes."With this in mind, encription recommends that SMEs ask web developers five questions: "Do you know what code injection is and how to prevent it?" is the first, while: "Have you had your web hosting security tested?" is the second. Third is: "Do you ‘clean’ your code when you have finished building a site?" "Is your password policy a minimum of eight characters mixed upper and lowercase, numbers and letters?" and: "Do you hash passwords in databases?" are also questions SMEs should look to ask.© Adfero Ltd