Security

/Security

The Importance Of HTTPS Has Just Increased

It was reported several months ago that 30% of page-1 Google results in Moz’s 10,000-keyword tracking set were secure (HTTPS) as opposed to standard HTTP. However, as of just a few short weeks ago, this number had increased to 50%

Whilst there are no indications of a big jump, (perhaps highlighting that this is not linked to a major algorithm update, there can be no escaping the fact that these changes are significant.

What Does The Future Hold?

A crystal ball would certainly be handy on occasion but even following a low scale projection, estimates suggest that HTTPS could hit about 65% of page-1 results by the end of 2017. As with all projects, this is just an educated guess but as the image below taken from Moz suggests, the chances are strong.

HTTPS

What Should You Do About Your Website?

It’s very easy to get lost in the quest for SERPS but even if you are not too concerned about your Google rankings, it may still be worth taking a closer look at whether HTTPS may be beneficial for your website.

Whilst Google are currently denying that sites will be rewarded or penalised accordingly for using or not using HTTPS, browser updates such as Chrome warning visitors about non-secure pages can be very off putting to visitors and potential customers.

For any new website we would recommend seriously utilising secure protocols from the outset. The required security certificates are relatively inexpensive and any associated risks are low.

For existing sites though, the choices are tougher. All site wide changes carry an element of risk and therefore this decision should not be taken lightly. If you would like a chat about your website, please give the Footprint Web Design team a call on Tel. No. 01883 372488 today.

Currently Browsing: The Importance Of HTTPS Has Just Increased

To read more about this Moz story, please click here.

By | August 1st, 2018|Security|Comments Off on The Importance Of HTTPS Has Just Increased

Does Your Website Need An SSL Certificate?

HTTPS are five letters which have been getting a great deal of publicity recently. With online security being more important than ever before, the addition of a HTTPS (Hyper Text Transfer Protocol Secure) certificate to a website will help to secure the connection to the website for your visitors.

Browsers nearly always provide an indication of whether the website your are browsing is secure or not. Just take a look at the address bar in the browser to see what we mean. Is the lock in the top left hand corner locked or unlocked? Does it say secure or not secure? The answer to these questions will tell you whether an HTTPS certificate is in place.

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the user’s computer and the site. Users expect a secure and private online experience when using a website. We encourage you to adopt HTTPS in order to protect your users’ connections to your website, regardless of the content on the site.

Data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection:

  1. Encryption—encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can “listen” to their conversations, track their activities across multiple pages, or steal their information.
  2. Data integrity—data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
  3. Authentication—proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.

What Is The Value Of An SSL Certificate For The User?

Everyone has the right to visit a legal website without worrying about what will happen to their details should a transaction take place.

Google has identified a number of reasons why the switch to HTTPS is beneficial for web users and webmasters alike. These include the fact that data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection:

  1. Encryption. Encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can “listen” to their conversations, track their activities across multiple pages or steal their information.
  2. Data integrity. Data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
  3. Authentication. Proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.

Value of HTTPS for SEO

Previously, Google announced that HTTPS would being added to their ranking algorithm. Whilst very unlikely to be the difference between a page 10 ranking and a page 1 ranking, building trust with customers is a key part of any SEO campaign and therefore should definitely be considered.

With the majority of browsers making it clear if a website is ‘not secure’, without the inclusion of an HTTPS for your website, you are running the risk of scaring away visitors.

Contact Us

Would like to find out more about making the switch to an HTTPS connection by adding an SSL certificate to your website? Give the Footprint Web Design team a call on Tel. No. 01883 372488 today.

Currently Browsing: Does Your Website Need An SSL Certificate?

By | May 8th, 2018|Security|Comments Off on Does Your Website Need An SSL Certificate?

What is GDPR? How Does It Affect Your Website?

General Data Protection Regulation (or GDPR as it is more commonly known), is being introduced to overhaul how businesses process and handle data.

Key Questions

  • When Do The New Regulations Begin? 25th May 2018
  • Who Will Be Enforcing It In The UK? The Information Commissioner’s Office
  • What Is Different? There are new rights for people to access the information companies hold about them, obligations for better data management for businesses, and a new regime of fines
  • Will GDPR Be Impacted By Brexit? The UK is implementing a new Data Protection Bill which includes all the provisions of the GDPR. There are some small changes but our own law will be largely the same.

GDPR and other data protection laws rely on the term ‘personal data’ to discuss information about individuals. There are two key types of personal data in the UK and they cover different categories of information.

What is GDPR? How Does It Affect Your Website?

What Is Personal Data?

Personal data can be anything that allows a living person to be directly or indirectly identified. This may be a name, an address, or even an IP address. It includes automated personal data and can also encompass pseudonymised data if a person can be identified from it.

What Is Sensitive Personal Data?

GDPR calls sensitive personal data as being in ‘special categories’ of information. These include trade union membership, religious beliefs, political opinions, racial information, and sexual orientation.

Taking A Closer Look

We understand that this new regulation looks particularly complex and have written this article to help provide answers to some of the more commonly asked questions, starting with what is GDPR exactly?

Please Note – You can find all of the important information on the official website by clicking here.

What Actually Is GDPR?

After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. Enforcement date: 25 May 2018 – at which time those organizations in non-compliance may face heavy fines.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organisations across the region approach data privacy.

What is GDPR? How Does It Affect Your Website?

Who Does the GDPR Impact?

The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

What Are The Penalties For Non-Compliance?

Organisations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million. This is the maximum fine that can be imposed for the most serious infringements e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts.

There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors — meaning ‘clouds’ will not be exempt from GDPR enforcement.

What Is The Difference Between a Data Processor And a Data Controller?

A controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.

The conditions for consent have been strengthened, as companies will no longer be able to utilise long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent – meaning it must be unambiguous. Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.​

Explicit consent is required only for processing sensitive personal data – in this context, nothing short of “opt in” will suffice. However, for non-sensitive data, “unambiguous” consent will suffice.

What is the Difference Between a Regulation and a Directive?

A regulation is a binding legislative act. It must be applied in its entirety across the EU, while a directive is a legislative act that sets out a goal that all EU countries must achieve. However, it is up to the individual countries to decide how. It is important to note that the GDPR is a regulation, in contrast the previous legislation, which is a directive.

Does My Business Need to appoint a Data Protection Officer (DPO)?

DPOs must be appointed in the case of: (a) public authorities, (b) organisations that engage in large scale systematic monitoring, or (c) organisations that engage in large scale processing of sensitive personal data (Art. 37).  If your organisation doesn’t fall into one of these categories, then you do not need to appoint a DPO.

A more in depth analysis of the one-stop-shop policy debate can be found here.

Currently Browsing: What is GDPR? How Does It Affect Your Website?
By | May 1st, 2018|Security|Comments Off on What is GDPR? How Does It Affect Your Website?

How To Give Your Website An Additional SEO Boost

Whilst there are a great variety of factors taken into account by Google when it comes to determining their website rankings, online security is playing a far bigger role than ever before.

Google has even gone as far as to issue the following statement:

“You should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications. Aside from providing critical security and data integrity for both your websites and your users’ personal information, HTTPS is a requirement for many new browser features, particularly those required for progressive web apps.”

What Are the Benefits of HTTPS?

We’re all used to seeing ‘HTTP’ at the beginning of a URL but was about extra ‘S’? Essentially the S stands for “SSL”, which in turn stands for Secure Sockets Layer.The Top 2 Reasons You May Want To Consider Upgrading Your Website To HTTPS

This extremely useful technology helps to encrypt the connection to a website, providing that extra layer of security making it more difficult for hackers to intercept important data. This can include passwords and payment details.

What does HTTPS actually do though?

  • HTTPS protects the integrity of your website – HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. Intruders include intentionally malicious attackers, and legitimate but intrusive companies, such as ISPs or hotels that inject ads into pages.
  • HTTPS protects the privacy and security of your users – HTTPS prevents intruders from being able to passively listen to communications between your websites and your users.

If that isn’t enough, below are 2 additional reasons why increasing the security of the site could benefit your business.

Does HTTPS Offer A Generic SEO Boost?

When two similar sites have similar SEO values, the inclusion of an SSL certificate could be enough to nudge your website above your competitor.

Whilst no-one knows precisely what Google’s algorithms look for, it is widely believe that it is Google’s goal to offer the best possible user experience. Increased online safety would certainly fall under this umbrella and therefore having a secure site (HTTPS) can help you rank higher on Google.

Mobile Search Boosts

Are you serious about being found online? You can no longer ignore mobile search optimisation. Because many modern browsers and phone applications require HTTPS in order to perform correctly, failure to add this to your website could leave you lagging behind your rivals.

Contact Us

If you would like to speak to someone about increasing the security of your website, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: How To Give Your Website An Additional SEO Boost
By | April 11th, 2018|Security|Comments Off on How To Give Your Website An Additional SEO Boost

The Top 3 Ways Your Website Can Be Targeted By Hackers

Trying to stay ahead of hackers can be a very tricky and time-consuming process. However, by getting to grips with some of the most common methods of entry to your website, your online security can significantly improve.

In the article below we will highlight 3 of the most common ways hackers can gain entry to your website.

No. 1 – Compromised Passwords

It will probably come as no surprise to know that attackers use a variety of automated methods of guessing passwords until they get the right one.The Top 3 Ways Your Website Can Be Targeted By Hackers

To help make things as difficult as possible we recommend 2 steps.

  • Ensure you use different passwords for each platform
  • Wherever possible, use a secure password (a password containing random letters, numbers and characters)

You can quickly and easily create secure passwords by clicking here.

It’s absolutely essential to avoid re-using passwords because once hackers have identified a working combination of username and password, they are almost certain to try all other services to see if they can gain access to those as well.

No. 2 – Not Updating Your System

Ensuring that Windows and any software which you may use are updated regularly is extremely important to avoid unnecessary risks

A recent ‘ransomware’ attack used a vulnerability in older versions of Windows to access PC.

It is not possible to overstate how important it is to periodically check for software updates for your site in order to correct any existing vulnerabilities.The Top 3 Ways Your Website Can Be Targeted By Hackers

Please Note – The best course of action is often to set up automatic updates for your software. This will ensure that even if you forget, any updates should automatically be installed without you having to take any further action.

For more on the recent ‘Ransomware’ story, please click here.

No. 3 – Keep All WordPress Themes & Plugins Up To Date

The use of plugins and themes with WordPress offer a fantastic way to increase the usability, functionality and look of your website. However, it must be noted that outdated themes and plugins can be a major source of vulnerabilities on websites

The good news is that through the dashboard of your WordPress website, you should be able to keep all themes and plugins up to date.

These are just a small number of the methods of entry which hackers can use to attack your website but the good news is that it is possible to take steps to beef up the security of your website.

Contact Us

If you would like to put your website in the hands of a company who can help to keep it safe, please contact Footprint Web Design on Tel. No. 01883 372488 today.

Currently Browsing: The Top 3 Ways Your Website Can Be Targeted By Hackers

 

By | July 3rd, 2017|Security|Comments Off on The Top 3 Ways Your Website Can Be Targeted By Hackers
Top