Watch Out Watch Out, there is an Insecure Web Site about...!
Posted on 27th April 2017 at 18:03
We should all know...
Cyber Crime is increasing, the number of attacks and the ingenuity that Cyber Criminals are using to steal from us is increasing daily.
What we may not know...
We may be helping by having an insecure website which is written in Wordpress which is a very popular platform to have your website written on.
It is popular with many web companies, who may be less structured and don't always implement high grade security protocols.
Wordpress is widely used as it is “Open Source” and as such developers all around the world have access to the code for developing add-ons and fancy gizmos. This of course is totally fraught with danger as these developers are totally unregulated and non-accountable. (You will find a small disclaimer on many WordPress add-ons absolving the developer from any loss which use of their code may cause.) As no-one actually owns WordPress, users have no redress if there are any legal issues.
As the system is unregulated, there is no guarantee that your WordPress site is hosted on a secure server in the UK, which is another great weakness.
It is imperative that you have your website developed by a company that take exceptional steps to protect user data and implement industry standard security protocols. Your developer ideally should as a minimum:-
Build sites with proprietary, proven software.
Host their client sites on secure servers.
Host client emails and enquiry forms on a different set of SQL servers configured with the highest levels of industry standard security protection.
In our case, our web company manage each of their sites with a master password for editing which was agreed with us. We were then able to grant access to our site with other logons which have restricted access, so that our staff could change a page, but not access enquiry forms or main system settings.
Unfortunately in this age of electronic data, many unscrupulous people and organisations will constantly try to obtain private data, we are lucky as we know that our site has been constructed to ensure our data is safe.
Sadly the British Pregnancy Advice Service weren't so lucky and when their website was compromised they suffered a £200K fine, although they had no idea their website was insecure the fine was upheld.
With GDPR becoming legislation on the 25th of May 2018, fines will be considerably higher, so in one way they were lucky.
We pride ourselves that we are independent, we spent considerable time to find the right web company to build our site, cost was a factor however security was our major consideration.
Share this post:
