Protecting personal information is a serious concern for everyone, and when choosing suppliers online for whatever purpose, it will be necessary to share some information in order to avail yourself of the services being offered. It is your responsibility to choose carefully who you trust with your personal information.
- Does the business have an established brand and reputation to protect? Although we often hear about big names being involved in large scale data breaches, it is reasonable to say that a business with a lot to lose will make more effort to protect your personal data than businesses that are here today and gone tomorrow.
- How did you arrive at the website? If you arrived in response an advert, did it create a sense of urgency such as offering something at a discount that is only available today? There is always a reason why someone wants you to make a decision quickly. Businesses wanting to establish themselves in the marketplace will be happy for you to make your own decision in your own time.
- Has this business been involved in security incidents and loss of data? Information is often available about such events on the Internet and easy to find with search engines.
- How secure is the website? A number of different factors can be considered with regards to website security. Firstly, does the site use HTTP or HTTPS in its website address? Other factors such as how password reminders work. If your password is sent to you as plain text by email it demonstrates how they feel about your security.
- Does the website clearly show how the business can be contacted, the registered address, trading address, contact telephone numbers and contact email addresses?
- How much information does the site ask for when you are asked to sign up? There is a growing trend for websites to demand more information than is actually needed. Stop and think about why such information might be needed and be ready to walk away. National Insurance numbers for example are required only when dealing with HMRC and employment related matters, so no other business has any legitimate purpose in requesting such information.
Being suspicious can be a healthy attitude to take. An important point is to avoid impulse- buying scenarios. Ask yourself, if you didn’t know you needed ‘this’ yesterday, do you really need it right now? It won’t hurt to take your time, speak to other peoples, think about it more, sleep on it, and make a decision later. Last year I wrote an article called ‘The Website Credibility Test’ which contains more information relating to this article.
Information security consultant with over 20 years’ extensive experience gained across a diverse range of private and public industry sectors including insurance, banking, telecommunications, health services, charities and more, both in the UK and internationally. Graduated in 1997 with a software engineering degree and specialising in cyber security, risk analysis, compliance reporting and access management.