Have you set up a company and launched your new website to represent your brand and connect with customers? Have you recently decided to upgrade your existing site with new content and functionality? Perhaps you’ve added an online store or given your customers the ability to access their records or transactions with your Buisness. Not a business, but a social membership organisation using your website to collect fees and members’ information?
If any of these apply to you, please read on.
Owning a business website is not quite as simple as it seems, I’m afraid. By law (as referenced below), we now have to give serious attention to online customer protection. Businesses and Organizations have obligations and when something goes wrong with online data security online, ignorance is no longer an acceptable excuse.
Here are 10 questions you need to consider about your website.
1) What information will I collect from customers and why?
2) Do I need all of the information I am collecting?
3) Will this information actually be used or am I collecting it just in case I decide to use it later?
4) What legal obligations do I have when collecting and storing this information from and/or about my customers?
5) What is the impact to my business if this information was stolen?
6) What is the impact to me personally if this information is stolen?
7) What security measures will be in place to protect both my customer’s information and my business from legal action in the event that this data is stolen?
8) How long can I afford for my business website to be unavailable?
9) What will the impact be on my business if my website is turned into a site selling Viagra (for example)?
10) What will the impact be on my businesses reputation if my website is infiltrated and turned into an attack site, injecting a virus on to every customers computer who visit’s my site?
Can you really afford to develop a business website but then not giving all due diligence to the associated security issues?
IT Security does not have to be as expensive as you may have imagined. The introduction of a few security standards can go a long way and does not have to cost you an arm and a leg. It is well worth budgeting a rigorous and expert security review as part of your website development costs, especially when the costs of not doing so can end up being very significant indeed.
Key information about your responsibilities can be found from the Information Commissioner Office here
Thanks to Gary Sharpe for his editorial assistance.