Partly Cloudy

Partly Cloudy

max temp: 8°C

min temp: 0°C


Hadleigh-based web development firm Free Rein issues warning over progress towards GDPR compliance

PUBLISHED: 17:35 17 October 2017 | UPDATED: 17:36 17 October 2017

New regulations on data protection
 come into effect next May.
Picture: Sonya Duncan

New regulations on data protection come into effect next May. Picture: Sonya Duncan


Businesses are making little progress in improving online security ahead of new data protection rules coming into effect next year, according to a Suffolk web development and digital marketing firm.

Andrew Johnson of Free Rein.
Picture: Free Rein Andrew Johnson of Free Rein. Picture: Free Rein

And the lack of urgency shown so far is about to become clearer, says Andrew Johnson of Hadleigh-based Free Rein, with the widely-used Google Chrome browser starting to flag relevant pages as “Not Secure”.

The General Data Protection Regulation (GDPR), which comes into force on May 25, 2018, imposes new requirements for the corporate storage and processing of personal information, with breaches potentially resulting in fines of up to 4% of turnover or 20m euros, which ever is greater.

Free Rein began been conducting passive testing of websites since June this year, since when the proportion of UK sites found not to be secure has barely changed from around 70%.

Mr Johnson says part of the problem is that many website owners wrongly believe that SSL encryption certification is only required for transactional websites when, in fact, it is needed for any site with fill-in forms.

As of today, he adds, Google Chrome is due to start highlighting uncertificated pages that can be filled in as “Not Secure” in the address bar.

“Another misconception is that ‘only the contact page is not secure’. This is also not true,” says Mr Johnson. “You cannot have an insecure contact form and the rest of the website secure, because a contact form becomes secure by having valid SSL certification for the website.”

More than one third of problem sites are not secure solely due to invalid SSL certification, often because the certificate is in the wrong name, he says.

Other security issues can include username and login name visibility, user enumeration (where attackers are able to see usernames and logins by performing scans), the use of blacklisted IP addresses and vulnerability to “Poodle” attacks (where a server complies with a rogue request to downgrade its security protocols).

“In summary, it is now the time to secure your website by getting it locked down,” adds Mr Johnson. “It could be a challenging time for many businesses if their potential clients are deterred from submitting enquiries due to forms on the website stating: ‘Not Secure’.”

Colchester’s moment in the spotlight during Thursday’s evening’s BBC Question Time programme was cut short after a member of the audience was taken ill.

Police have released online safety advice for shoppers looking for a bargain on Black Friday and Cyber Monday.

An airwoman from RAF Lakenheath has died following a crash on the B1106 at Elveden in the early hours of this morning.

Drivers in south Suffolk are warned to be vigilant as police investigate reports of more than 10 thefts from vehicles in less than two weeks.

The route has been revealed for this year’s much-loved Rudolph Run, where Santa and his happy helpers spread festive cheer around Ipswich.

Urgent action is being taken to recruit and retain clinicians within GP surgeries in Ipswich and east Suffolk as NHS bosses warn of an impending workforce crisis.

A key road in Ipswich will remain closed “for the foreseeable future” over fears about the stability of a building in the area.

The campaign to compensate women who lost years of pension contributions has been backed by Ipswich council.

A woman has been taken to hospital after she was involved in a collision with a van in a Suffolk town today.

A live hand grenade, a stuffed tarantula in a cage and a voodoo kit containing human hair are among the quirkiest donations to an Ipswich charity shop.

Most read

Show Job Lists

Topic pages

Newsletter Sign Up

Sign up to receive our regular email newsletter
MyDate24 MyPhotos24