Tips on Websites Security
Safety and Security are basic needs for human beings. This applies to all aspects of our life. It is there when we choose the place to stay in, while travelling, at work and when we need to shop.
Security over the net is no exception. It’s in fact, a major topic that all users shall put at their top priority. It is equally important for users, who consume or receive services, and for those who provide them. With the technological advancement and the threats of misusing the information, services, and products over the net, it is increasingly becoming a real challenge to service providers to ensure.
A friend once asked, as a normal end user with no technological experience, what should I look into to ensure the site is secure enough to openly deal with? Combining knowledge and experience, here are some tips to make use of.
1. Site Legality. You should find out who is behind the site. Is it an individual, team of individuals or a company that has a legal entity and commercially registered in a country, even if it operates regionally or internationally? This is very important to build confidence that you are dealing with an entity that has legal existence in reality. For sure you can deal with sites owned by individuals, but for reliable information, trust to share your details, and for purchasing online you must take extra care.
To know who you are dealing with visit the site “Contact Us” or “About us” sections and look for information about the company ligament existence like legal registration reference, address and contact details.
2. Level of privacy. Does the site respect the privacy of its customers and users? For example does it give you as a user the option to choose which information to share with public and which to keep private for yourself? Also does it share its customer’s information with other sites or it respects the deal to keep the information to their site only. This shall be clearly stated in the site privacy policy.
3. How does it handle user’s information? Some sites over look this aspect by sending and receiving customers’ information in textual format that can be easily captured and read by hackers. With the technological advancement there are worldwide tools to ensure that data exchanged over the net is encrypted.
You can easily check if the site has inception tool. The pages on which you share your information should be marked with “https” in the URL instead of http. The small “s” here means secured page. The site should also have the sign of the certification company, examples of which are VeriSign, RapidSSL , COMODO , etc. You can click on the certification icon appearing in the site to verify it is a valid certificate.
4. Check where your Credit Card details go? If the site is an eCommerce site (e.g. Online marketplace, Business-to-business site, etc.) which requires online payment by credit or debit cards, then you need to take extra measures of care. In this case, the site would use what is known as Payment Gateway to process your Card details.
You need to find out if this site has its own payment gateway or it uses a 3rd party payment gateway. In case it uses a 3rd party payment gateway, then the site itself, should not capture your card information. It should direct you to the payment gateway site where you enter the card details. In other words, the site, itself, should not capture the card number, expiry date or any other card details.
It goes without saying you should check who is the payment gateway owner, is it a trusted source, well-known within your country or a trusted partner to big players (Amex, Visa, Master and Diners)?
5. Where the site is hosted? Last but not least you need to make sure that the site is linked to the internet over a tightly secured network. Technically this is called Hosting. “Hosting” means where the site is running from and who is handling its network. This is of great deal as it tells how good this network is and how secure it is from hacking and spamming.
But again for an average internet user, how could this be checked? As the norm with any relevant matter in internet you can Google it. You can search in Google, or any other well-known search engine, “where the site is hosted” or you can search for “where the IP address is located?”.
www.maxmind.com is one example where you can use the site URL or IP address to find where the site is running from.
Though there is nothing in life that is 100% secured, neither on businesses running online nor offline, but what matters is that a good level of security exists on the business. This level should instill trust to deal with the said site and company behind it.
We wish you a secured online surfing and shopping.
We would be happy to receive your valuable comments on this article.
Sincerely Yours,
Twindi team
www.twindi.com