Protecting personal information is a serious concern for everyone. When choosing suppliers online for whatever purpose, it will be necessary to share some info to avail yourself of the services. It is your responsibility to determine who you trust with your personal information.
- Does the business have an established brand and reputation to protect? Although we often hear about big names involved in large scale data breaches, it is reasonable to say that a business with a lot to lose will make more effort to protect your data than those are here today and gone tomorrow.
- How did you arrive at the website? If it was in response an advert, did it create a sense of urgency such as offering something at a discount that is only available today? There is always a reason why someone wants you to make a decision quickly. Businesses wishing to establish themselves in the marketplace will be happy for you to make your own decision in your own time.
- Has this business been involved in security incidents and loss of data? Information is often available about such events on the Internet and easy to find with search engines.
- How secure is the website? Does the site use HTTP or HTTPS in its website address? Other factors, such as how password reminders work. If your password is sent to you as plain text by email, it demonstrates how they feel about your security.
- Does the website clearly show how to contact the business, the registered address, trading address, contact telephone numbers and contact email addresses?
- How much information does the site ask for while signing up? I have observed a significant increase in websites demanding more information than is needed. Please stop and think about why they need such information and be ready to walk away. National Insurance numbers, for example, are required only when dealing with HMRC and employment-related matters, so no other business has any legitimate purpose in requesting such information.
Being suspicious can be a healthy attitude to take. Avoid impulse-buying scenarios. Ask yourself, if you didn’t know you needed ‘this’ yesterday, do you need it right now? It won’t hurt to take your time, speak to other peoples, think about it more, sleep on it, and make a decision later.
Last year I wrote an article called ‘The Website Credibility Test’ which contains more information relating to this article.
Robert is an information security consultant with over 20 years of experience across a diverse range of organisations, both in the UK and internationally. Robert graduated in 1997 with an honours degree in software engineering for security and safety-critical systems. Robert is contactable directly through LinkedIn.