It's time for

HTTPS Encryption – The Website Standard

Archive

By: Julie Wild, senior designer / geek & creative @ wisnet

Is Your Website Secure?

On February 8th Google announced that “beginning in July 2018, with the release of Chrome 68, Chrome will mark all HTTP sites as not secure.” This means that sites without an SSL certificate and an URL that starts with HTTP will be flagged to viewers as an unsecured site. This could scare visitors away from that website, reducing traffic, ultimately leading to less contacts and sales.

What is HTTPS?

HTTPS uses encryption to protect the information sent between your browser and the website making it nearly impossible to intercept, protecting you and your data as it is sent across the Internet. Without encryption, it would be possible for a hacker to intercept this information or to inject malware into a web page. HTTPS encryption was introduced in 2003 and was primarily used on portions of websites where customers enter sensitive information such as filling out forms or ordering products online. Google has been a strong advocate of making HTTPS the standard for all web pages since 2014. Flagging unsecured sites in Chrome will be a final push for website owners to update their sites.

How do I add encryption to my website?

HTTPS has become much easier to implement through automated services like Let’s Encrypt. Google also offers its own Lighthouse tool, which includes tools for migrating a website to HTTPS.

At wisnet.com, newer sites created with WordPress are set up as HTTPS from the start. To make things even better, all WordPress sites at wisnet.com come with a free SSL Certificate. If you have an older WordPress site that is not HTTPS, contact us so we can help you get more secure. Whether your site is created in WordPress or another format, wisnet.com can answer all of your questions about your website’s security and help you convert to HTTPS.

Resource Links:

The Creative Flow

Archive

By: Rachel Lederer, intern / geek & creative @ wisnet

Now that I am halfway through my internship at wisnet, I have learned a lot. But not necessarily about web design, which is what I initially wanted to do when I came here. It makes sense that I didn’t learn a whole lot though, because that is not my specialty. Working with people and figuring out ways to make their lives better is what I am good at, and the people at wisnet have helped me realize how much good I can actually do.

I still don’t have a specific idea in mind of what I want to do as a career, in life after college, and I doubt that I will ever have that in mind, because I think that would narrow my search too much of what I want to do. I know for sure I love working with people, event planning and collaborating with others to create social media campaigns. I have figured out that I do not want to work in web design business, but here at wisnet there is a good distinction between web design and customer care. I have amazing team members who are willing to help me get from point A to point B in a way different from what I am used to. After all, wisnet is a team of Geeks & Creatives. Here, the geeks and creatives work together as a team, and there is no distinction between them. The wisnet team includes everyone, no matter what their background may be.

Overall I enjoy my internship here at wisnet, because I feel like I am appreciated and have a purpose. I am not the typical intern that goes on coffee runs and serves as more of a secretary. I have made my mark here, expanding on social media campaigns for clients and working on client onboarding and tutorials, and I am glad I had the opportunity to become a part of this team. I am excited to see what the future (well actually the rest of the summer) holds here at wisnet.

Geek Throwback: Fountain Pens

Archive

By: Steve Maass, senior application programmer / geek & creative @ wisnet

I’m a programmer. I type on a keyboard for a living. In fact, while the backspace key is my best friend, I type pretty fast, despite being self-taught. Typing is such a big part of my life that if I need to make a note of something at work, I type it into a text editing app. About the only time I grab a pen and paper is if I’m heading to a meeting, and that’s only because I find it too distracting to type while I’m listening.

Which brings me to the point of this post. About a year ago, my wife expressed an interest in getting a fountain pen. “Why?” I asked her. Why not use a ballpoint? They work well, they’re inexpensive, and they don’t leak (fountain pens leak, right?).

She gave her reasons, but I wasn’t convinced. Luckily, we have a great pen store not far away, so we paid them a visit to see what was what and to ask lots of questions. We did settle on a pen for her, but personally, I still didn’t get it. (She loved using the pen, so that first visit was far from our last, but I digress.)

Eventually, after picking up a couple of nice ballpoints for myself (hey, I knew what I liked), I started wondering what all the fuss was about, and I decided to get my first fountain pen. And then I got it. It really is a whole different world.

Fountain pens certainly aren’t for everyone. They need to be cleaned occasionally, they can run out of ink and require a refill, and they don’t always work well on cheap paper (think copy paper and the like). And depending on the ink you use and how much ink your pen lays down, it can take several seconds for your writing to completely dry.

As for leaking, it’s a joke in the pen world that a fountain pen is basically a controlled leak. And it’s true that if you take one on an airplane, the changes in air pressure can cause the pen to “burp” into the cap. But if your pens stay on the ground (or fly empty), you shouldn’t have a problem.

So, why fountain pens?

With a nice, fountain pen-friendly notebook, the writing experience can be almost magical. You barely need to apply any pressure when putting pen to paper. The nib (the part that touches the paper) glides across the page. And the ink colors! Unlike with ballpoints where you’re generally stuck with blue or black or red, there’s a literal rainbow of colors of ink to choose from: oranges, purples, turquoises, pinks, greens, every possible shade of blue or brown, and on and on.

All of that makes a fountain pen great for journaling, drawing, writing letters, adding a note to a birthday card, or even just jotting down a reminder.

Now granted, for the sake of convenience, you may find that a ballpoint is still the best option at work, and I won’t argue the “point.” But for de-stressing and just enjoying something the way it used to be, fountain pens can be a real delight. And an addiction. But I’m getting help. 😉

What does the General Data Protection Regulation (GDPR) mean for you?

Archive

We’re confident you’re received a number of privacy policy update emails, but do you know why and how this might impact your website and communications? Here’s our attempt at a synopsis and if GDPR impacts you.


Disclaimer: This post is not legal advice. We’re not lawyers.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU) and also regulates the exportation of personal data outside the EU. This new set of rules is designed to give EU citizens more control over their personal data. But this law affects any organization doing business with or collecting information from an EU citizen.

What do you mean by “personal data”?

Your name, address, credit card number and more all collected, analyzed and, perhaps most importantly, stored by organizations. The types of data considered personal under the existing legislation include name, address, and photos. GDPR extends the definition of personal data to cover:
– Web data such as location, IP address, cookie data and RFID tags
– Health and genetic data
– Biometric data
– Racial or ethnic data
– Political opinions
– Sexual orientation

Does it affect my company or organization?

If you hold any EU citizen data via your website, app, or service you MUST act now (in fact you’re super late to the party). All organizations are expected to be compliant with GDPR as of May 25, 2018.

If you have international reach with your website, social, email – really any online media, you should probably still pay attention to GDPR and take some action.

What happens if I don’t comply?

There is a fine for not being compliant. The maximum fine for noncompliance with the GDPR is up to 4% of the annual global revenue generated by the company.

So, what do I need to do?

  1. Get permission of data collection.
    The GDPR requires companies to clearly state the purposes of data collection to the customer, when and how it will be used, and when it will be destroyed. It cannot be hidden in a privacy policy statement nor recorded by default. If you are collecting data from a form page then you must ask customers to give consent to use their personal information. (unless it is for compliance with a legal obligation). And the data cannot be kept indefinitely.
  2. Protect the data that is collected.
    Make sure your company has the proper security measures in place should be first on your task list. Contact your IT administrator, find out what you need to have in place to be compliant, and then create a protection plan.
  3. Inform all persons of a data breach.
    Your company must inform victims individually of any breach within 72 hours.
  4. Respond to data collection requests.
    Any customer can request what type of data is being collected and stored about them (Right to Portability), as well as the right to request that it be deleted (Right to Erasure).

Here’s what a lot of other companies and organizations have been doing:

  • Updating their privacy policy on their website.
  • Adding notices about personal data collection on all form pages.
  • Emailing their updated privacy policy to current customers, and providing opt out requests for email lists, etc.
  • Adding an opt in on websites addressing acknowledgement of data collection

If you are concerned that you may not be GDPR compliant, please contact your lawyer to help guide you.

Online Resources:
https://www.zdnet.com/article/gdpr-an-executive-guide-to-what-you-need-to-know/
https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html
https://www.cio.com/article/3256086/privacy/becoming-gdpr-compliant-quickly-effectively-and-risk-free.html
https://www.ogury-gdpr.com/