Call 0845 485 1219
We love digital - Call and say hello - Mon - Fri, 9am - 5.30pm
by Stephen Logan on 26th October 2009
The Internet has freed up the way in which we communicate. Companies can engage with their customers without the usual boundaries (although many still fail), consumers can find what they need in minutes without leaving their home or office and information can be shared globally in real-time.
But the many benefits of the Internet are often overshadowed by an equally prevalent dark underbelly of crime and social apprehension. The freedom with which we are able to provide details and thoughts, has spread fear, mistrust and abuses right throughout the world.
Commentators are forever arguing over whether the merits of the Internet outweigh the negatives. Those who suggest that it provides a platform for ‘cyber criminals’, will no doubt have had their arguments buoyed by the news that The Guardian’s Jobs website was hacked over the weekend. With this security breach came the potential loss of thousands of applicants’, past and present, personal information.
It’s not the first instance of this. Google recently had to admit that thousands of people were the victims of a mass phishing operation, in which they effectively provided their login details to hackers unknowingly. Monster, a leading jobs website, also had a similar issue earlier this year when their client’s details were pillaged. Clearly it is an issue, and one which isn’t going away.
Website owners as a result bear a great deal of responsibility. When a customer entrusts you with personal information, you have both a legal and professional responsibility to ensure that it remains secure. But when the likes of Monster, The Guardian and, to a lesser extent, Google can be hacked, what chance do you have?
Hackers generally look for two things; 1) sites with lots of users who may have valuable information and 2) weak points. That isn’t to say that a smaller site isn’t susceptible; if you’re an easy target you’ll make life incredibly easy for thieves to steal, just like a real store without CCTV or a home with doors left unlocked and windows open whilst the occupant is away. As a website owner, you need to ensure that your customer’s details and any transactions that take place are done so with the strictest security.
Websites that do require a login ought to attain towards attaining industry recognised secure standards, such as those provided by Thawte. Consumers need to be confident that their personal information isn’t going to passed throughout the world, and by achieving the exacting standards required by gaining official accreditation, you can at least set their minds at ease.
Industrious hackers can get through some of the tightest security procedures around. This is changing and the Internet is becoming safer, but don’t be lulled into a false sense of security. Any snippet of personal information can be important. Even if it is just your email login, this can be used to find other details within your account, which can eventually lead to cases of identity theft. Internet users needn’t be scared, but they should be aware.
But the onus falls squarely on the website itself. If you’re developing or already have an existing site that requires users to provide personal details, make sure security is up to scratch. People are far more likely to use a trustworthy site, than risk passing details on to traders without credentials or a reputation worth the name. Even backups need to be secured against hackers, whether on physical servers or online. Data is a valuable asset and criminals are always looking for opportunities to get their hands on it.
So should Internet users refuse to give their own personal information? Certainly not. The vast majority of sites have more than enough protection to ensure that your details never find their way into the wrong hands. Perhaps though people do need to be aware that dangers do lurk out there. To avoid losing all of your information to fraudsters just be careful how often you sign up for things, check the validity of emails and use a variety of passwords and user names.
Websites need to learn from The Guardian debacle. Whilst it still isn’t clear how large the breech was, users will be understandably dismayed that their applications and personal information were plundered. There are no shortcuts when it comes to security; by all means spend time on the design, content, architecture and SEO of a website, but don’t forget your customer’s safety too. It will bring a little more peace of mind for all involved