As we set to research this subject, we were shocked at some of the statistics discovered en route. We wanted to share it, at a time when not all clients were taking on SSL and it’s benefit.
A report earlier this year in the Telegraph highlighted that The Department of Digital, Culture, Media and Sport (DCMS) researched cyber attacks in the UK in 2016. They discovered that over half of British companies had reported attacks that year. Employees identities were being stolen and used in emails online and businesses temporarily lost files and network access, which in turn brought to mind the recent incident with the NHS.
The NHS Cyber attack was reported to have come from North Korea, which shows that it can come from anywhere at anytime. The group, Lazarus, behind the attack, was supposedly the same group who targeted Sony in 2014. You may be thinking that as a small company, you will not be attacked and only larger companies are targeted, however, the DCMS research showed that 68% of companies with 250 plus employees were targeted, and also 66% of those with 50 to 249 employees were victims of attacks too.
The survey was carried out on 1,523 British companies, it revealed that ‘the average cost per attack was £1,570 for all companies, rising to £19,600 for large ones’. It goes on to say, that most attacks are simple and can be avoided ‘by getting the basic defences right’.
An Apple A Day Keeps The Hackers Away
So what can you do about it? SSL is the answer and it’s not that expensive. We worked it out to be, about the price of an apple a day, from a popular supermarket. For 34p a day or £125 a year you can have peace of mind. You can sleep at night knowing that you had locked the door to your data and website.
SSL or Secure Sockets Layer, provides a standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. This covers your site and email. Any moderately skilled hacker can easily intercept and read the traffic unless the connection between a client (e.g. internet browser) and a web server is encrypted. To put it simply, you wouldn’t leave your door wide open on your house for strangers to come in, look around and take what they fancied, Similarly, you shouldn’t leave your website open without SSL to allow unwanted visitors to enter and take what they can.
SSL also reassures your users, who will see your website’s URL prefixed with “https” instead of “http” and a padlock shown on the address bar. This padlock icon displays to a user/customer details about your SSL. It’s to be remembered that SSL Certificates are issued to either companies or legally accountable individuals only after proper authentication.
The legal bits
Basically as it stands the the Data Protection Act 1998 requires that if you hold any personal or ‘sensitive’ data about your clients and visitors then you need to protect that data. This ranges from e-commerce sites to login forms and even basic customer data for updates or a newsletter.
Next year the GDPR or European Data Protection comes in in May. We learnt that this will apply to any company, or organisation in contact with users or clients within the EU. So even a company based in the USA, having viewers with data in the EU, will need to apply to GDPR Regulations. As part of the GDPR, it will be the user who owns their own personal data. Businesses will need their permission to use it, they can only hold it for two years and must keep it safe. At any given time a user or client can ask for their data back, and it must be removed from all of your records. The consequences are far more severe than those of the DPA. We are not legally trained, so please ensure you speak to a GDPR specialist about your particular needs and requirements.
Just a bit of common sense and maths
To us, SSL just makes more sense to have it, than to be without it. So to summarise, here are our key points about SSL:
It’s daily cost equals that of a healthy snack
We are at a time when you have a one in two chance of being hacked.
The cost of being down is at least twelve times that of annual protection with SSL
I’s padlock icon reassures your users and customers of your security
The changing regulation will mean you will need to know where your user/client/ donator’s data is and protect it
Tracy Spence is Sales and Marketing Director at M3 Strategic Marketing Ltd, based in Northampton UK. Tracy takes the lead when it comes to Social Media, Search Engine Optimisation and all things Conversion, including online User Behaviour.