App Ed Review
By: Dennis Hamming, January 12, 2021
The internet has been providing users with entertainment, information, news, and sometimes just bizarre websites for decades now. It was once the domain of amateur website designers knocking out Geocities websites full of tacky GIFs and terrible soundtracks.
These days the internet is used by the biggest companies in the world to transfer vast sums of money and information. Not to mention Governments and sensitive, confidential data.
While there are still many personal, amusing sites you can surf, the internet is now an area that attracts huge amounts of criminal activity. No longer can anyone make an HTML site for a business and expect it to be safe from hackers. Cybersecurity is a vital area for a web designer to understand. Here are some of the reasons and areas that need to be understood.
So web developers have to know cybersecurity?
No, they don’t. But, they certainly should. Any good designer will know the importance of planning to avoid problems later down the line. Why should security be any different?
If web designers and developers knew cybersecurity then this could help prevent weaknesses further into development. From the first time the design team sits down, they should be thinking of cybersecurity and how to minimize any attack that may occur once the site is live.
What are the possible impacts on a web designer from an attack?
If your agency or studio designed and developed a website that was then subject to an attack that exploited your work then your company would suffer damage to its reputation. While you may not be financially liable for a hacker infiltrating servers and networks it won’t help with future contracts if it was revealed that a design flaw helped the criminal gain access.
So web design companies aren’t liable for damages?
This is something that all web professionals will start to discover soon enough. Like any area of business, risks are covered by insurance companies. These institutions take payments and promise to help out financially if any catastrophic event occurs.
They don’t like paying out unnecessarily.
That means if someone is to blame for the said disaster then they will want to be reimbursed financially or otherwise. The Zynga data breach launched a lawsuit on the owners.The next obvious target in this area is the web developer or contractor. This is pretty scary, right?
How can you help yourself as a web designer?
This depends on your skill levels and what you are doing as a designer. You may be a freelancer working from home designing small business sites that do not involve much data. You could of course be working for a large corporation maintaining the company’s website.
General security protection
If you are a web design enthusiast or freelancer then simply keep ahead of the game by learning cybercrime trends. Basic online security tips can help you keep safe. Keeping up to date with your own computer’s security, use private networks and VPNs, and back up your data.
For professional web developers and teams
Consider asking team members to take on extra education. Obviously, in a real life environment, it is difficult to find extra time. But, having members of your team with an MSc in cybersecurity or a CEH or OSCP can save you and your clients from future, potentially devastating online attacks.
What areas are at risk?
Unfortunately, hackers are constantly looking at new ways to find their way into networks and systems. While you are protecting all the payment gateways you may be neglecting other areas and it is these weaknesses that they look to exploit. There are more than a few documented attacks on forums where the security was weak but still exposed usernames and passwords. Zynga and Dota2 both had famous cyber-attacks leading to the leak of millions of passwords.
You have to remember that most users repeat their usernames and passwords across various platforms so the seemingly innocuous leak from one website might mean gaining access to something more lucrative, such as a bank account. As a typical computer user or even a part-time designer you should protect yourself with antivirus.
Summary
With the constant development of apps, games, and websites that use e-commerce and personal accounts, your information is being spread far and wide. Education is a great way to stay ahead and enrolling in cybersecurity or learning to be an ethical hacker can help stay ahead of the cybercriminals. As a web developer, you need to be more aware than most users of how to stay safe and protect your clients.
Encrypting data, backups, properly qualified IT staff maintaining servers are part of this but you need to do the basics too. It is so easy to forget not to turn on a VPN or connect to a public network on a laptop with sensitive info.
