Over 50 percent of websites collect visitors’ email addresses, creating the possibility of privacy breaches, according to new research from business research and reviews platform Clutch.
Website visitors’ email addresses are most commonly collected (57 percent), followed by names (47 percent), and locations (45 percent), the survey found. Although this information can provide valuable insights for businesses, inconsistent security measures may increase the risk to visitors’ privacy. Industry leaders point out that email addresses present the greatest security risk to consumers.
“When data is correlated over multiple web services, whether that is a Gmail account, a bank account, or a password retrieval from Facebook, it’s done through the email address,” said Idan Udi Edry, CEO of Trustifi, a company specializing in email transaction data security and privacy, in a news release. “The combination of an email address and a name is enough [for a hacker] to start the reconnaissance on someone as a user.”
Although security tools are widely available, 63 percent of website managers admit that they do not currently use common security features, including encryption. Michael Tys is a mobile developer at TechMagic, a mobile app and web development studio based in Ukraine. He believes cumbersome user experience may explain the lack of widespread adoption of security tools.
“The user is required to do a lot of things—provide your password, your cat’s name, the street you’re living on, your favorite number,” said Tys, in the release. He is encouraged by the increasing availability of banking and other apps that use a fingerprint to unlock encrypted information.
Once a website visitor’s information has been collected, decisions about storage and hosting can help to avoid privacy risks.
When it comes to how they host their sites, website managers are split nearly evenly. Forty-seven percent (47 percent) use self-hosting services, while 49 percent use externally managed servers. Self-hosting provides the highest level of security and control.
Websites are also split in how they store visitors’ information. Many rely on a combination of storage on the website itself (48 percent), on a third-party app (46 percent), or offline (25 percent), all of which can benefit from widely available security tools.
Despite this evidence of privacy risks, the survey also found that respondents are aware that improvement is needed. In particular, use of encryption appears to be on the rise: More than one in five respondents plan to encrypt sensitive information this year.
Clutch’s 2017 Website Security Survey included 302 website managers who built and/or maintain a website for personal, business, or other use.