Partly Cloudy

Partly Cloudy

max temp: 4°C

min temp: 2°C

Search

Hadleigh-based web development firm Free Rein issues warning over progress towards GDPR compliance

PUBLISHED: 17:35 17 October 2017 | UPDATED: 17:36 17 October 2017

New regulations on data protection
 come into effect next May.
Picture: Sonya Duncan

New regulations on data protection come into effect next May. Picture: Sonya Duncan

ARCHANT EASTERN DAILY PRESS (01603) 772434

Businesses are making little progress in improving online security ahead of new data protection rules coming into effect next year, according to a Suffolk web development and digital marketing firm.

Andrew Johnson of Free Rein.
Picture: Free Rein Andrew Johnson of Free Rein. Picture: Free Rein

And the lack of urgency shown so far is about to become clearer, says Andrew Johnson of Hadleigh-based Free Rein, with the widely-used Google Chrome browser starting to flag relevant pages as “Not Secure”.

The General Data Protection Regulation (GDPR), which comes into force on May 25, 2018, imposes new requirements for the corporate storage and processing of personal information, with breaches potentially resulting in fines of up to 4% of turnover or 20m euros, which ever is greater.

Free Rein began been conducting passive testing of websites since June this year, since when the proportion of UK sites found not to be secure has barely changed from around 70%.

Mr Johnson says part of the problem is that many website owners wrongly believe that SSL encryption certification is only required for transactional websites when, in fact, it is needed for any site with fill-in forms.

As of today, he adds, Google Chrome is due to start highlighting uncertificated pages that can be filled in as “Not Secure” in the address bar.

“Another misconception is that ‘only the contact page is not secure’. This is also not true,” says Mr Johnson. “You cannot have an insecure contact form and the rest of the website secure, because a contact form becomes secure by having valid SSL certification for the website.”

More than one third of problem sites are not secure solely due to invalid SSL certification, often because the certificate is in the wrong name, he says.

Other security issues can include username and login name visibility, user enumeration (where attackers are able to see usernames and logins by performing scans), the use of blacklisted IP addresses and vulnerability to “Poodle” attacks (where a server complies with a rogue request to downgrade its security protocols).

“In summary, it is now the time to secure your website by getting it locked down,” adds Mr Johnson. “It could be a challenging time for many businesses if their potential clients are deterred from submitting enquiries due to forms on the website stating: ‘Not Secure’.”

Culture secretary and Suffolk MP Matt Hancock has announced that church spires will be used to boost broadband and mobile connectivity in rural areas.

A regional search and rescue organisation dedicated to finding missing people now has three new dogs in its team.

SPOILER ALERT: Did Ipswich man James Scharmann whisk a date off to the isle of Fernando’s? Find out here.

A male was taken to hospital after police were called to reports of a group of people fighting in Ipswich.

Will football fan James Scharmann from Ipswich find love on ITV’s ‘Take Me Out’ tonight?

School choirs from across Suffolk are fine-tuning their performances for competition with the Great EACH Choir Off now just a few days away.

An Ipswich based recruitment agency is stepping up to sponsor this year’s Midnight Walk for St Elizabeth Hospice.

Ipswich and Bury St Edmunds are among KFC branches across the country forced to close because of a problem with the company’s supplier.

Police have found a man who went missing after a car ‘flipped three times’ in a crash near Snape Maltings last night.

An independent Suffolk music venue has warned that a “long, sober look” is needed at supporting live music venues across the country, as a new national survey reveals threats to the future of some spaces.

Most read

Show Job Lists

Topic pages

Newsletter Sign Up

Sign up to receive our regular email newsletter
MyDate24 MyPhotos24