GDPR, May 25th 2018, is your website compliant?
Before we go any further, I just want to stress the importance of GDPR. For simple negligence, we’re looking at lower-level fines of €10 million or 2% a company’s global annual turnover, whichever is highest. Serious fines are nearer €20 million or 4% a company’s global annual turnover, which ever is highest. It’s safe to say that even the entry level fines could cripple most SMB’s. And don’t think that because your an SMB they’re going to treat you any different. Also, I know you’re probably thinking it but no, Brexit doesn’t change a thing. This will still apply to the vast majority of businesses!
So the point of this article is just to explain about SSL certificates, and why you need them for your site. It’s only one tiny detail of whats needed for GDPR, but as we’ve recently ran a campaign to on-board our customers to this set-up, we thought we could share the experience.
First of all, why do you need an SSL? The simple answer to that is data protection, or rather protecting the identity of those who are visiting your website. Lets say for instance that Mr John Doe, a visitor on your site, decides to make contact with your company through the contact form. Without an SSL, John Doe’s message, which could include his email, telephone, address or any other private information is sent through the web without encryption for anyone to intercept and read. Add an SSL into the mix, and you’ve just scrambled that message.
What should you expect to pay for an SSL? The certificate itself ranges from around £100-£200 depending on provider. Your developer may wish to charge you a fee for implementation as they can take some time to set-up and configure the site to work properly on HTTPS. You shouldn’t expect to pay more than 1 hour for this set-up. We’ve recently performed the implementation for free as part of our Websafe Protection agreement for all customers on our hosting plan.
Now is the time to reach out to you web developer and ask them if they can help you with setting up an SSL certificate. Hopefully our impartial advice will confirm for you that this is indeed a necessity and not an added extra that your web agency is trying to force upon you without reason.