Why You Should Determine Your Level of Security

Why You Should Determine Your Level of Security – Security of information on the Web is of great concern to Web users, so it’ll definitely need to be a part of your site planning process. The bottom line is that you need security if you’re gathering personal information from your customers. The more confidential the information, the higher the level of security you’ll need to establish for your Web site. For example, if you plan to sell products online, you’ll need to securely receive and process credit card information. If, however, you only plan to request contact information for the visitor to register for a newsletter, you’ll require less security.

The most basic means for gathering information from a Web visitor is via e-mail. It’s not uncommon for a site to have a Contact Us link that automatically opens an e-mail page with the To e-mail address field already filled in.

Transaction of information over e-mail is not secure. Despite the lack of security, e-mail can be a valid method for someone to contact your company and request information. You just need to be aware of the type of information you’re requiring your Web visitors to send to you. If it’s information they wouldn’t want used without their permission, you should consider a more secure means than e-mail for gathering their data.

In the case of Web registration pages that request only basic personal information such as address, e-mail address, phone, and so on, building an online form with an ASP (Active Server Pages) or PHP (Hypertext Preprocessor) script should be sufficient to protect this data. Because the script resides on the server, the data that’s gathered isn’t accessible via the Web browser. This helps prevent access to the data by anyone who doesn’t have the authority to access it.

However, if you’re requesting credit card, banking, social security number, or any other information that’s transactional or confidential, you need to secure that data to a much higher degree. At this point, there are a few aspects of protection to consider, as follows:

Encryption: The most common means for protecting Web site data. Basically, encryption is a process of scrambling the information submitted to your site so that only your system can unscramble it.

Authentication: Provides you a way to prove to your Web site visitors that you’re who you claim to be and a trusted third-party authority can verify this. This doesn’t secure your data but verifies your authenticity as a company, which can help you gain the trust of your Web visitors.

SSL (Secure Sockets Layer) certificate: This digital certificate provides both encryption and authentication, and is considered the best means for protecting data and garnering trust from your visitors.

When considering which vendor to purchase your SSL certificate through, consider their reputation and the level of encryption they can provide.

Ultimately, no matter how secure you make your site, if you don’t communicate this to visitors and customers, they may not trust it. For starters, post a privacy statement that outlines how you’ll use data that your visitors or customers provide via your site. This statement should be easily accessible on your Web site.

Additionally, use a reputable SSL provider and obtain their security seal so that you can post it on your site. This way, your Web site users will have peace of mind that their information is being protected.

Additional Reading: Elements of Your Business Web Site Design