Last week, LinkedIn announced a massive data breach where roughly 93% of their members’ private information was put up for sale online. What does this mean for you as a business owner? Most urgently, you could be one of the 700 million LinkedIn members whose information is out there being sold, but also, strategically speaking, as a business owner you probably want to look deeper into your own web site’s security, especially if you are collecting information from users (and it doesn’t have to be financial in nature to be important).
According to RestorePrivacy, the LinkedIn data that was stolen did not include login credentials or financial information, however, lots of other important personal data was accessed, such as names, addresses, email addresses, and even other social account and username data. Think about your site and the type of information you collect. Have you implemented SSL security to keep your site secure for your visitors?
What is SSL Security and is it Necessary for your SMB?
SSL is an acronym for Secure Sockets Layer. To protect your site by encrypting data, you will need to purchase an SSL certificate though there are some free options that we recommend such as the nonprofit Certificate Authority LetsEncrypt. Once your site has the SSL certificate, Google Chrome and other web browsers shows your site as encrypted by displaying the HTTPS (versus the older standard HTTP) at the beginning of your site URL. This level of security is now the standard rather than just a recommendation.
In 2017, Google started flagging all non-HTTPS sites as “not secure,” as stated in Google’s security blog so yes this is pretty important. Having a non-HTTPS site can negatively affect your business by driving away visitors before they even have a chance to explore your website. Who wants to continue to a site that gives a “Not Secure” warning on the web site?
Next up: WCAG 2.1/ADA compliance
While in the process of ensuring your site is secure, it’s also a great time to make sure you’re meeting important legal requirements when it comes to ADA compliance. In doing this, you’ll be guaranteeing accessibility, equity, and service to all who visit your website.
The Department of Justice (DOJ) published the Americans with Disabilities Act (ADA) Standards for Accessible Design in September 2010. These standards state that all electronic and information technology must be accessible to people with disabilities. The World Wide Web Consortium (W3C) sets the main international standards for the World Wide Web and its accessibility. W3C created the Web Content Accessibility Guidelines (WCAG 2.1), which are similar to Section 508, but on an international level.
Many countries and international organizations require this type of compliance. In part two of this series, we will delve deeper into WCAG 2.1, ADA compliance and how to ensure that your site is secure and accessible to all.
Tomato Fish Is An Indianapolis Consulting Company Focused On Helping Small And Midsize Businesses Make Good Strategic Planning Decisions. If you need help building a solid marketing foundation for your business, schedule a free 30 min consultation.