Data storage weaknesses present cyber risk for site visitors

Published on: 11 Jul 2017

Small online businesses may be breaching privacy regulations due to a shortfall in security measures, a new study suggests.

Whenever a user visits a website, they freely share information about themselves, by making purchases, signing up for newsletters, or agreeing to terms and conditions, and this information can provide valuable analytics for anyone managing a website.

However, 63 per cent of the 302 website managers surveyed by B2B professional services company Clutch.co confess they don’t actually have common security features in place right now.

The research found that the most widely collected data points were email addresses (57 per cent), names (47 per cent) and locations (45 per cent).

An email address is one of the most dangerous pieces of information to share, in the view of Idan Udi Edry, chief executive of Trustifi, which specialises in email transaction data security and privacy.

He explained: “When data is correlated over multiple web services, whether that is a Gmail account, a bank account, a password retrieval from Facebook, family-oriented documents, travel-agency information, and so on, it is done through the email address.”

For almost half of website managers, any collected data was stored on their website or via a third-party app, such as Dropbox. A quarter stored the information offline.

More than a third (37 per cent) of websites use encryption to help protect information, while an additional 21 per cent intend to add encryption this year.