Business Owners: Let’s Talk Programming Security

Wednesday, February 20th, 2013

Business Owners: Let’s Talk Programming Security

When business owners hear the word “security” their minds generally think of their bank accounts, alarms and vehicles. Website security is usually not at the top of their list, but with the constant exchange of personal information online with your customers, it needs to be a serious consideration.

“How you manage, store and protect information is all about integrity, and should be on the mind of every business owner when developing a website,” said Chris Lo, President and Creative Director at Matcha Design.

We sat down with Matcha Design’s programming team, to get a behind the scenes perspective at programming security and why it is so important:

Why should business owners care about security when partnering with an agency?

It’s important for business owners to partner with a Web design agency that takes all reasonable measures to ensure the security of your information, as well as the information of your customers. Developers lay the foundation for your site’s security and need to be knowledgeable in more than just basic security practices. A good developer must understand the need for security and the steps that can be taken to improve it, and also be able and willing to execute those steps. Knowing not to store passwords in plaintext is a start, but a developer should know the difference between a reversible encryption, a single-pass MD5 hash and a reiterative bcrypt hash.

What kind of website development projects have the highest need for security?

Sites that accept credit card information for e-commerce or donations, or accept sensitive personal information such as social security numbers, have the highest need for security. In addition to a Secure Sockets Layer (SSL) Certificate to encrypt all sensitive information sent to the site, there are a set of security standards called PCI for receiving, processing and (where applicable) storing this information.

What best practices do you adhere to when programming a site?

Any information that’s not meant to be publicly displayed should be properly secured. That means, among other things, multiple layers of security. As an example, passwords, which are typically stored in a secured database with no public access, should be stored using a sufficiently complicated one-way cryptography algorithm. This basically means they can’t be retrieved, but they can be compared against when a user logs in. That way, even if somehow the database is compromised, the damage is minimal.

Ultimately, a business owner should not take risks when it comes to security on any level, and needs to keep it at the forefront of any website that exchanges private information (customer or business related).

If you are interested in building your next website with the best design and security practices, feel free to contact us!

About Matcha Design

Matcha Design is a full-service creative B2B agency with decades of experience executing its client’s visions. The award-winning company specializes in web design, logo design, branding, marketing campaign, print, UX/UI, video production, commercial photography, advertising, and more. Matcha Design upholds the highest personal standards for excellence and can see things from a unique perspective due to its multicultural background.  The company consistently delivers custom, high-quality, innovative solutions to its clients using technical savvy and endless creativity. For more information, visit MatchaDesign.com.

Related Tags

You Might Also Like