
Companies Should Embrace Personal Privacy

Why Companies Should Embrace GDPR

If you maintain customer data, somebody wants it.

Customers May Not Yet Appreciate Extra Protection

Many consumers became upset with privacy policy inundation near the GDPR deadline, despite most of it being crafted to benefit them. The plethora of updates were motivated by GDPR compliance. European regulators saturated the globe with seven emotional sales motivators to get companies to revamp data protection:

  1. Greed – Multi-million dollar fines
  2. Fear – Devastating repercussions of data misuse
  3. Altruism – Desire to protect customers
  4. Envy – Prevent competitors from having advantage
  5. Pride – European customer approval
  6. Shame – Castigation for non-compliance
  7. Need – Responsibility to protect data

Many companies have poured tremendous resources into compliance. Others must change their entire business model or retool software. Some exited their businesses geographically or completely. Whether the reaction to GDPR stimulates or cripples the economy is yet to be seen. But it is something long overdue.

Video: How data brokers sell your identity

People who wish to control how third parties use their data might visit PlusPrivacy.

You Are A Target For Attack

If you maintain customer data, somebody wants it, and the more information you have about each customer, the more valuable those customer accounts become. The primary method of monetizing this information in the past was to sell databases. Today, participation in social media or use of apps provides companies with comprehensive profiles of user likes and contact information. While some of these personal data acquisitions are quite sophisticated, other threats amount to old-school hacking:

  • Use browsers with JavaScript disabled
  • Multiple human/mechanical login attempts
  • Outdated hardware and operating systems
  • Sign up for newsletter to gain host email
  • Attempt to hack online customer lists
  • Deploy [ro]bots to scavenge emails from Web pages

GDPR is a two-edged sword: better data security thwarts breaches. But some hackers take on increased security as a challenge; others target companies that fail to update infrastructure.

Mitigating Attacks

Customer Privacy Goals

ClinicalPosters began migrating to a more secure e-commerce platform in December of 2017, with an official launch in January 2018. For added data security on ClinicalPosters.com, multiple firewalls are used to protect data. Malicious attacks are thwarted at least 1000 times per month.

To better manage versions of photos, the hosting platform scales images to appropriate resolutions on the fly. This technique allows only 10 percent of overall content to benefit from content delivery network (CDN) caching. But combined with other techniques, pages are delivered an average of 40 percent faster.

Suppose our host is in New York City and you are located in Seattle. East coast visitors enjoy much faster delivery of content than west coast visitors. Moving a few megabytes of data 3000 miles takes a couple of seconds longer. ClinicalPosters has activated a CDN. This stores static page elements in different regions so they arrive more quickly when requested.

One of the largest bottlenecks comes from pages with many images. Often, there is a desire to have large representative product photos. It is possible to scale these down to form a grid on a shopping page without reducing the resolution. This adds up to a significant amount of sluggish data. A better option is to create smaller low-resolution versions of the main images. Then, you need to keep track of two versions. Each instance of an image at a different size requires another version. ClinicalPosters.com delivers a combination of mostly dynamic pages with a smaller percentage of static content.

Browser cookies can be a good thing on a trusted site. They help identify your preferences and allow site owners to see how frequently pages are visited so navigation may be improved. Most cookies are session cookies, meaning they expire when your session is done. Out of an abundance of caution, European visitors must enable cookies on this site to enhance their browsing.

Security is only as strong as its weakest link. The key is to make certain this link does not exist. ClinicalPosters has written farewell letters to some vendors. Services must be compatible with our current Privacy Policy. Here are features that have either been discontinued for the time being or are being considered for removal:

  • Cart Harmony—Ongoing evaluation
  • Social media login—Removed
  • Amazon login—Removed
  • Simplified mobile checkout tool—Removed

Without revealing all security measures, we want customers to rest assured that there are failsafes in place to protect personal data. So for all the headache GDPR has caused, companies like ClinicalPosters can feel thankful for the motivation to increase security.
