SaaS News Hubb
Advertisement
  • Home
  • News
  • Software Engineering
  • Software Development
  • SAAS Applications
  • Contact Us
No Result
View All Result
  • Home
  • News
  • Software Engineering
  • Software Development
  • SAAS Applications
  • Contact Us
No Result
View All Result
SaaS News Hubb
Home Software Development

Why Third Parties Are Taking an Interest in Your Client’s Website Security

by admin
May 16, 2022
in Software Development
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter


Website security is serious business. That’s not news to most web designers. It’s something we have to account for in how we build, the hosting company we use, and the software we trust.

And while there are plenty of best practices to follow, securing a website is a major challenge. Fending off automated attacks against content management systems (CMS), training clients, and continuously updating software take their toll. We can lessen the risks, but can’t fully mitigate them.

For years, security processes were primarily between a designer, host, and client. But increasingly, other third parties are taking an active interest. And web designers are getting caught in the middle.

If this hasn’t impacted you yet, it may be just a matter of time. Thus, freelancers and agencies need to take notice of this trend.

Let’s take a look at what’s happening and how web designers can be prepared.

The Web Designer Toolbox

Unlimited Downloads: HTML & Bootstrap Templates, WordPress Themes & Plugins, and much, much more!

Who’s Involved?

Granted, third-party interest in web security isn’t completely new. eCommerce sites have long had to deal with PCI compliance. And government regulations have aimed at areas such as user privacy – which could also be considered a security concern.

However, there seems to be increased input from other sources – particularly the insurance industry. They’re becoming keen on web security as it relates to their clients.

Organizations that require insurance, such as businesses and non-profits, are very likely to have a website as well. Just as they take a physical location’s well-being into account, insurance companies are starting to look at websites in the same way.

For example, let’s think about a typical brick-and-mortar retail store. Before providing insurance to a retailer, an insurer might consider:

  • The structural integrity of the building;
  • The types of merchandise being sold;
  • Any anti-theft security measures the retailer has put in place;
  • The number of employees;
  • Yearly revenue;

We’re now seeing similar concerns being extended to websites.

Security cameras on a wall.

What Aspects of Website Security Are They Looking At?

Securing a website requires constant effort and encompasses several areas. Some factors, such as web hosting and SSL certificates, are fairly universal. But others may depend on how the website was built.

That means a static HTML site will have different security needs from one built with WordPress. And then there’s integrating third-party APIs, data collection, and financial transactions. Each presents a unique challenge.

Yet, there’s no guarantee an insurer is going to take a realistic view of these nuances. They may well employ an all-of-the-above strategy, even if specific elements don’t apply to a client’s website.

Industry veteran (and a colleague of mine) Wayne Kessler opines, “My biggest concern is the creation of unnecessary work and cost due to contractor (which is what an insurance company or a security consultant is) specified ‘standards’ that are oversized to risk.  A cyber insurer’s job is to sell insurance that preferably won’t have any claims on it.”

He continues, “So, they can want websites locked as tightly as possible without due consideration of the ramifications of functionality or cost. It is not always possible to limit login access to a small IP range. SFTP is still needed for sites. A client might need to be able to send files back and forth to their designer.  Workflow, site management, user functionality – these cannot be ignored when talking about security without the possibility of greatly reducing the value of the website.”

A padlock sits on a computer keyboard.

Advice for Web Designers

As is often the case, web designers are liaisons between our clients and a third party. In this case, insurers will hand clients a laundry list of website security considerations. From there, it’s up to us to make sense of them, implement what’s feasible, and effectively communicate.

There are a few potential roadblocks. The biggest is that you may not have control over every situation. For instance, some security measures may require the cooperation of a web host or plugin developer. Whether or not they comply is entirely up to them.

The potential cost is another consideration. The investment required to implement certain items may go beyond what your client is willing or able to pay.

Kessler says that web designers need to stay in the loop during the process, noting that “security standards seem to be expanding quickly with the growth of these industries, but that doesn’t mean these standards should apply to just any website. If you don’t take financial transactions on your website, or if you don’t keep user/customer data on your website, there are recommendations for these that should not apply. Beware of ‘oversizing’ the needs for security protection.”

It’s also important to recognize that many hands play a role in website security. According to Kessler, “Every story we read about identity theft comes from a gap in data protection. Web designers don’t want to be an identified gap. Similarly, you don’t want to manage a site that has a virus, is generating spam, or is locked up by rip-off artists. There are options to mitigate those risks. Web designers, and website owners, should take those options.”

The key is to control what you can and make sure your clients have an understanding of what’s involved.

Two people participate in a video conference.

Dealing with the Increasing Complexity of Web Security

As if web security wasn’t already a complex subject, the introduction of insurers and other third parties only adds to the stress. For web designers, it seems like yet another burden placed on our shoulders.

Still, this is part of our ever-evolving job description. As building and maintaining websites continue to change, it’s up to us to stay on top of best practices. In a sense, this development is a natural extension of that evolution.

Thankfully, the skills we’ve picked up in communicating with clients and adapting to new technologies can serve us well. Those experiences have prepared us to take this new challenge head-on.





Source link

Previous Post

The 4 Startup States During a Recession

Next Post

Zero Trust Strategy: Part 2 Identity

Related Posts

Software Development

Pluralsight LIVE 2021 Week 1 recap: Stronger together

July 1, 2022
Software Development

Weekly News for Designers № 650

July 1, 2022
Software Development

What is Web 3.0 and Why it Matters for Your Business?

July 1, 2022
Software Development

Advanced Persistent Threat Attacks | Pluralsight

June 30, 2022
Software Development

6 Free Animated Typeface Templates for After Effects

June 30, 2022
Software Development

What Is Scrum Development or Agile Scrum Methodology?

June 30, 2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Most Popular

News

How Customer Loyalty Can Drive B2B SaaS Business Growth

July 1, 2022
What is Gross Revenue? [+ How to Calculate & Record It]
News

What is Gross Revenue? [+ How to Calculate & Record It]

July 1, 2022
Software Engineering

Write Better Commits, Build Better Projects

July 1, 2022
Software Engineering

The Overflow #132: The 2022 Dev Survey results!

July 1, 2022
Software Engineering

A Guide to Animating Mobile Data Visualizations

July 1, 2022
Software Engineering

Earthly Builds with Adam Gordon Bell

July 1, 2022
Software Development

Pluralsight LIVE 2021 Week 1 recap: Stronger together

July 1, 2022
Software Development

Weekly News for Designers № 650

July 1, 2022
Software Development

What is Web 3.0 and Why it Matters for Your Business?

July 1, 2022

© 2022 Sass News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy

Navigate Site

  • Home
  • News
  • Software Engineering
  • Software Development
  • SAAS Applications
  • Contact Us

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Software Engineering
  • Software Development
  • SAAS Applications
  • Contact Us