When designing and launching a new website, many small business owners assume they don’t need to address Web security since they’re not prime targets. They could not be more wrong. Small businesses’ websites are prime targets (who would suspect the local florist website?). To protect your business’s reputation and your customers’ information, consider the following tips when developing a new website:

1. Start with Web security in mind. It’s much easier (and cheaper) to build a secure site than it is to remediate a flawed one. Many times development and design teams have not been trained to think about Web application security, putting the site at risk for a seemingly endless array of threats. Be sure you communicate your security concerns with your design team or hire a company with experience in secure Web application development.

2. Before your website goes live, test for security vulnerabilities. A high-quality, automated security scan will give you an idea as to the general security health of your site. Even if you built a site with security in mind, without a security check you will not know where you stand. Even experts make mistakes.

3. Recheck the back end of your site every six months. Hackers get smarter every day, systems change, and security scanners get more sophisticated. Even sites with a perception of high security can be compromised, so keep in mind that your business must be proactive to keep your site secure and customer data safe.

This article was written by Alan Wlasuk and published in Bloomberg Businessweek magazine.