Michigan Legacy Launches New Design!

Michigan Legacy Credit Union Website Screenshot

Congratulations to Michigan Legacy on the launch of their new website! The new site is based on our WordPress with SiteControl platform. The new site features mobile responsive design, direct login widget, a Community Spotlight section, a news section and more.

Check it out here: https://michiganlegacycu.org/

Is Your WordPress Website Secure? It is With Us!

WordPress

In the previous article we posted from Credit Union Times that addressed whether or not WordPress websites are secure, they noted the following:

“At its core, WordPress is extremely secure (see wordpress.org/about/security). In fact, when compared to competitors, WordPress is probably the most secure content management system on earth. While the popularity of WordPress does mean more people are trying to hack it, WordPress has been remarkably successful at resisting attacks. If you study the history of WordPress security, you’ll see that WordPress software is NOT the security issue you should be worried about (source: managewp.com/is-wordpress-secure). The security threat you should be worried about is yourself. WordPress users are the security issue, not WordPress.”

They made a list of best practices to follow for making your WordPress website secure and here’s how we have responded:

Keep Your Website Updated

We do this automatically! As part of our hosting platform, we schedule regular weekly updates to the WordPress core software and plugins. It is why we specialize in WordPress!

Host Your WordPress Website on Secure Servers

We’re not the cheapest hosting option around and we know that. But we’ve built hosting architecture and network security specifically for Credit Unions!

Create Unique Usernames and Passwords

Each website account is created with unique usernames and passwords. We wouldn’t trust it any other way.

Limit Login Attempts & Use a Premium WordPress Security Plugin

Our number one goal is to keep your website secure, which is why we have installed and configured the Wordfence security plugin on all of our sites.  Wordfence helps manage login attempts and auto-bans unknown users who try to attempt access to the site by dispensing brute force attacks.

Use Trusted Third-Party Plugins Only

We properly vet each and every third-party plugin that is installed on all of our credit unions’ websites. We don’t as a rule, install or activate untested or low-scoring plugins.

Did you know that out-of-date plugins can pose a potential security risk?

This is why we issue regular plugin updates along with the WordPress core software. This ensures that your plugins are always up to date and helps keep your site safe from hacking attempts.

Back up Your Website Every Day

All of our credit union websites are on a regular back-up schedule. We believe in having a solid disaster recovery plan in place for life’s unexpected occurrences.

In addition to all of these great recommendations from Credit Union Times, we also go above and beyond this:

  • 24-hour automated monitoring
  • Proactive server management
  • Layered levels of security at the network level, the server level, and the application level
  • All websites are hosted on servers that are housed in a SSAE16 Certified Data Center
  • Soon to be announced free SSL certificates for any sites hosted with us
  • As an added bonus, the leader of the Web Services team has written a book on WordPress Design, Development and best practices!

We understand the unique needs of our clients and strive to always be pushing forward with the latest best practices in website security, design and development.

 

 

Is WordPress Secure for Credit Union Websites?

WordPress

From Credit Union Times:

WordPress is the most popular content management system on the planet: 27% of all websites are built on WordPress. But does WordPress have security issues? Let’s talk about website security and eight practices to make WordPress secure for a credit union website.

People often judge a credit union by its website. Your website is your biggest branch and most frequent touch point with members. If your website gets hacked, relationships will be compromised. For these reasons, choosing a secure content management system is extremely important.

There are many CMS alternatives. At the forefront of these alternatives is WordPress because it’s 10 times more popular than any other CMS on the planet (source: w3techs.com). Compared to other CMSs, WordPress has the most plugins, themes and developers, as well as the largest community of users helping users. But does the popularity of WordPress come at a price? Does popularity also mean more hackers and vulnerabilities?

Read More »

4 Essential Features for Your Credit Union Website

Your website is the digital front line that introduces your brand and your business to the world. Current members visit your site to get the latest information and current promotions as well as online banking. Non-members use your website as a platform to window shop while they are on the search for their financial home. What you display or don’t display on your website, can leave a lasting impression.

Listed below are some essential features that every credit union website should have:

Responsive Web Design with Intuitive Navigation

In 2016, a website that is not responsive (i.e. is able to be viewed and used with ease on any device) will suffer in search results and page ranking with Google and other search engines. With a fixed and unresponsive site, you are losing users as they will be more likely to leave your site in frustration.

A responsive website means that you are able to extend your reach to all users, regardless of the device they choose to view your website with.

In addition to a responsive site, your site’s navigation should be straight-forward and clean. You want to be sure that your website’s navigation is focused so that people can find what they are looking for fast and easy.

Is your website mobile responsive with intuitive navigation?

Learn more about our website services

Check out our Portfolio

Contact Information

Despite that we are in a digital age, people still want to deal with people directly.

Make sure that your contact information: physical address (and mailing address if applicable), phone number and email addresses are easy to find. Generally speaking, people will use your website to get some basic information and then will contact you when they are ready for more. Making these essential contact avenues readily available will give your users the impression that you are accessible and that you want their business.

Promotional Space & Focused Marketing

While it might seem like a good idea to put banners and other ad graphics in every pixel of whitespace on your website, this method also leads to user confusion.

Your visitors aren’t sure where to focus their attention, so they are focused on everything, which means they aren’t taking in the important calls to action and time-sensitive promotions.

By giving your website specific promotional spaces while using focused marketing with your content and graphics, you can lead your visitors exactly where you want them to go!

Got a great spring promotion that you think is too good to pass up? Make that a featured promotion on your website’s dedicated promotional spaces.

The Membership Application Process

The Membership Application Process (MAP) should be a fairly streamlined and easy process to walk through on your website. Ease of use and focused steps for your users to take to sign up means a higher conversion rate and more members!

Did you know that CU*Answers offers a great MOP / MAP program? We have created attractive, modern and user-friendly experiences for credit unions to use for new membership sign-up.

Learn more about MAP

Learn more about Custom Branding, MAP & MOP


Have you incorporated some of these features on your website? What do you find to be the most important feature on your current site?

Questions about Website Security

104642108

CU*Answers Web Services recently received some questions about website security. This client was concerned about the recent defacement of a Credit Union website in Montana and asked about how this would be handled at CU*Answers. We thought they were some good questions, so we wanted to share our answers with everyone. Here they are:

Who do we contact by phone to completely shut down our website? And does that include weekends and afterhours?
During M-F 8-5 business hours, call the Web Services Team 616-285-5711 x275
After hours, call Customer Support 800.327.3478 where someone is on call 24/7 to engage the appropriate team for response.
If something odd occurs does CU*Answers provide a diagnostic or forensic analysis of what happened?
We analyze our logs regularly to determine the source and method of attacks in order to mitigate attempts proactively. In the case of a successful “hack” we would do our due diligence to learn and prevent further abuses. We don’t have a formal plan to provide you with a report of those findings, but we’d be happy to share any findings deemed beneficial.
Does WordPress receive the same attention to updates and monitoring for security as our site?
I’m not sure I understand this question, your site does use WordPress, which we monitor and update continuously and update both the WordPress core software and plugins, this is one of the benefits of hosting with us. We also use several WordPress plugins to monitor security and log admin logins and changes on your site. Furthermore, Network Services has several protections in place at the network level including firewalls and intrusion detection systems – to name a couple – to assist in mitigating attacks.
Lastly, would CU*Answers automatically post a temporary site or link to take members to a “safe” site – bypassing the unwanted component – to access their information?
Yes, we would absolutely respond with necessary action to protect your members from any security incident. This response would depend on the severity of a compromise, ranging from removing the threat by redeploying your site from a version we keep in our code version control system, to potentially redirecting requests to your site directly to your online banking URL until the risk was mitigated.

Hosted WordPress Sites Updated to 3.9.2

WordPress

Hosted WordPress sites have now been updated to version 3.9.2. This is a security release update improving a few things under the hood. For more information, check out the release notes.