CSAM: A good month to discuss website security with clients

Cybersecurity Awareness Month isn’t a marketing gambit. Now in its 17th year, CSAM is a collab between government agencies and industry leaders, created to raise awareness and provide resources to further a safer internet. People like web designers and developers should look at CSAM as an opportunity to discuss website security with clients.

It’s a conversation that many of us in this creative sphere aren’t keen on having.

Some might argue that, technically, website security isn’t their problem. (They already delivered the thing.) But it’s important to understand that low-hanging fruit supports an ecosystem where bad actors can thrive. We don’t need them trashing up the internet, a place where everyone is already hustling to make a living.

Web professionals should make sure clients understand what website security is, the risks that are out there, and who’s handling what.

Ready to rip off that Band-Aid? Don’t stress. Let’s walk through this together.

Getting the CSAM conversation started

Ideally, the topic of website security comes up naturally, say, during a routine phone call or Zoom meeting. If it doesn’t, you might need a proactive approach (before CSAM ends). Here’s a short email template you could use to set up a discussion this month:


It’s Cybersecurity Awareness Month. Got a sec to talk?


In the spirit of Cybersecurity Awareness Month, let’s go over a few important points about staying safe online.


Hi <name>,

You’re looking great online, but have we talked about securing your web presence? October is Cybersecurity Awareness Month and a great time to discuss methods for thwarting bad actors.

Please let me know if you’re available for a quick conversation. I look forward to it!



When you have that talk, make sure clients understand and use, at a bare minimum, these website security must-haves:

  • Backups — If a website gets hacked, backups let you roll back to an uninfected version of the site. While backups aren’t the solution for every type of hack, they’re a head start toward recovery and often included with hosting plans.
  • Strong passwords & 2FA — Seems obvious, but weak passwords are a popular attack vector for hackers. Make sure clients understand how to create and manage strong passwords, and then set up two-factor authentication (2FA).
  • Security scanning — Knowing a site is hacked lets you more quickly get started with remediation, preventing further damage. There are many remote scanners available for free, while server-side scanners look deeper into a site’s files and databases.

Website security might not be your specialty, yet having this discussion is the right thing to do by your clients. But what if it leads to a client requesting that you handle website security for them? It’s not as difficult as you might imagine.

How to protect your clients’ sites

If you’ve already signed up for GoDaddy Pro, you’re on the right track. It’s built from the ground up to help professionals like you manage clients’ websites and all the tasks that arise on a day-to-day basis.

3 reasons to check out GoDaddy Pro for security

If you haven’t signed up yet, here are three big reasons to take a close look at how GoDaddy Pro makes it easier to manage secure websites:

  1. Scans are automated for all your sites. GoDaddy Pro includes regular security scans of every website you add. That means huge peace of mind for you, because you don’t need to continuously schedule and monitor scans.
  2. Running updates becomes a cinch. Bulk Safe Updates from GoDaddy Pro lets you run updates for any websites that need them, from one dashboard. No more logging in and out of every client’s website. No more worrying about out-of-date components.
  3. Passwords remain secure and hassle free. You can also manage passwords for all your websites from that same dashboard, simply by logging in once to your GoDaddy Pro account. Your own logins get additional protection from two-factor authentication.

SSL is not the end of the conversation

With all the talk today about search engines moving toward SSL as a requirement, clients might think it’s all they need to protect their websites. When you have that conversation with them, be sure to explain that while SSL does encrypt the data exchanged between a website and visitors, it does not protect the website itself.

Locking down security for clients’ websites

Everything we’ve discussed up to this point should help you breathe easier, knowing your clients have a degree of protection for their websites. But there are still a couple things that merit consideration for any type of web presence, large or small:

  • Website firewall — The beauty of a website firewall is that it’s continually updated to be able to identify and block even the latest threats. It can also act as a stopgap for outdated components that no longer receive updates from their developer.
  • Content delivery network — A CDN not only protects against threats like DDoS, it speeds up a website’s load times. By caching the site at points around the world, content is served from the location closest to a visitor, vastly improving their experience.

Both of these features are included in Deluxe and Ultimate Website Security plans from GoDaddy. Both also include security must-haves like blacklist monitoring and removal, malware removal, and dedicated live support. With Ultimate plans, you add SSL and one-click restores.

Maybe CSAM is the time to start offering website security

This is much easier as it sounds. Adding GoDaddy’s Website Security to your core offerings could be as simple as marketing it as a white-labeled product. Purchase the plans for your clients, and then put them in touch with GoDaddy’s support team if they ever need help or a cleanup.

This lets you provide an end-to-end suite of website products while you maintain the ability to focus on what you do best. Granted, this might be the right play for everyone, but it’s sure worth looking at. Check out GoDaddy Pro for more information and see how Website Security lines up with your operation.

The post CSAM: A good month to discuss website security with clients appeared first on GoDaddy Blog.


Accessibility Toolbar