It has become impossible to avoid the headlines announcing that our data is being breached, from credit card information and social security numbers to other personal information. Each day, it seems there are reports of nefarious behavior happening in our Internet / cyber world environment. Due to this, there are five questions I challenge you to consider:
- Have you ever entered any of your personal information (e.g., credit card, social security number, etc.) on a company’s or individual’s website?
- If you have, did you wonder whether the website you were using was “safe”?
- Have you ever wondered if there was a way to know if a particular website you have been using is “safe”?
- How many re-issued credit cards have you personally received from your bank where you were notified that your card was possibly breached based on an “undisclosed source?”
To find the answers to these questions, go to www.ssllabs.com. You can test a URL/website that you either have used or will be using to see what kind of security rating they receive. Simply enter a URL, then click submit, and receive a free, detailed security assessment of that particular website.
The first URL/website I entered when I first learned of this free on-line service was my banking institution (e.g., www.<enteryourbankurlhere>.com). Then, I tested the ecommerce websites I most frequently use.
I’m fortunate in that my banking institution received an “A” on its scan. Unfortunately, not all websites I use fared this well.
For the websites that did not fare so well, I had to consider my options. I could call the company to tell them their website is receiving a negative security rating and I’m a concerned customer, use the site in the future for informational purposes only and do not provide sensitive information, or avoid the site altogether until the website improves its rating.
So if you were wondering about the fifth question, here it is:
5. Will you go to this website to check the security rating of a website before you enter sensitive data into it?
Provide – and use – information responsibly
I would urge you to keep in mind that not only do merchants, service providers, payment processors, and others have a responsibility to protect the data that you entrust to them, but you also have a responsibility to be careful with whom and how you provide your sensitive information.
It is important to note this information is not to be used for hacking purposes, as you will see by the terms and conditions on this SSLLabs website. I would be remiss if I did not mention that if we can freely run a URL through this feature to learn whether a website is secure so that we can protect our data, a hacker could just as easily access this information for their nefarious purposes.
One of many things the Internet has done for us is it has given more power to the people to obtain information about our companies.
Here are a few important questions to consider from a business perspective; let us know your thoughts in the comments below.
- What does the result of this SSL test reveal about your organization?
- If a nefarious person out to obtain your company’s information used this link to test your URL, could this data be used to breach your company’s network?
- Will you go see what this website says about your company before your customers or nefarious individuals run this report? If so, will you take action to protect your organization?