Is your website really secure?

The fastest way to get your email address added to spam lists is to have it intercepted by someone ‘sniffing’ insecure web data traffic.Website security comes with so much jargon it is often left to chance in the hope those hosting/looking after your site will be your defence against foul.First; consider your own circumstance:Does your website have some kind of contact form?Have you filled in a form on a website – and did you check to see if it was a secured form?Why do I ask? Well, if you send or receive details via website forms and it doesn’t use a secure connection those very details are on an un-covered wagon train around the world from your computer to the webserver. If they are personal details they can be very useful to the portion of the world that like to intercept data – starting with your email address.To add some perspective: Up until the late 1990’s most radio communication (cellular, cordless phones, radio telephones) all used analogue transmission – that anyone with a suitable receiver and some knowledge could generally intercept. If you were discussing personal details chances are someone was listening – somewhere.As technology evolved the cost and ease at obtaining a radio receiver increased – so did the ability to intercept radio communication. The exact same is true for internet data traffic.It wasn’t until radio communication switched to digital and was then encrypted that your message was again secure.From a website standard a Secure Sockets Layer (SSL) connection between the user and webserver is the safeguard any data you submit via a form is safe from interception.The same too applies to email. Most email services urge use of secure protocol – for the exact same reason.The message is simple: If you have a website that your users need to submit information then secure it. The savvy user will be exponentially more likely to interact with your site if they can see it uses a secure connection.Same too if you visit a website and have to fill out a form – that contains your details.The fastest way to get your email address added to spam lists is to have it intercepted by someone ‘sniffing’ insecure web data traffic.How do I know if the connection is secure? The easiest test is to look at the website browser address. If it is prefixed with https:// then it uses the ‘s’ for secure protocol. Most browsers will highlight the prefix link with a green bar or padlock symbol.What if I just type https:// in front of the website I want to view? Unless it has the provision to handle a secure connection then your attempt will be worth nothing. It is up to the website owner/host to provide the secure connection. Surprisingly the starting cost of providing this service is small (less than US$50/year).Are your website visitors worth that? Is the protection of your personal details worth that?Let me know if you’d like more information.