AnonyMouse_43349 Posted June 20, 2018 Posted June 20, 2018 We have been presented with a GDPR managed services proposal by our website host and wondered if this was necessary and what other settings have in place. It suggests the need for a SSL certificate and cookies control. Any help or suggestions greatly received
FSFRebecca Posted June 21, 2018 Posted June 21, 2018 Morning sandcastles2000, Well done on making your first forum post! I'm going to put this into the GDPR area as there will be more GDPR questions and answers there! I will ask my colleague Tim to give you a hand too
Tim Posted June 21, 2018 Posted June 21, 2018 Hi Sandcastles2000 It is difficult to comment on your specific website host and what they are proposing. What I can do is try to explain about SSL certificates and cookies so you are well informed to assess your needs. SSL certificates are a way to encrypt the end-to-end communication between someone viewing a website and the website itself. So, for instance, if your website allows people to submit personal information, such as parent/child information, or payment details, you would definitely want an encrypted connection. Without this, the information is sent as plain text and is susceptible to someone intercepting it in transit. All websites are moving towards using SSL certificates and encryption of all pages, which is generally good practice even if personal/sensitive information isn't being passed, and modern web browsers will complain about pages that are not encrypted. Cookies are small files that sit on a user's computer - they are created and updated by the website (the user's web browser will have an option to allow or disable cookies). They contain information about the websites that the user visits and allow the website to tailor webpages to the particular user. For instance, if you have filled in a form on a website, your name and email address may be stored in a cookie and this will be sent to the website on your next visit. Cookies do not present a serious security risk, as they only contain information that the user has volunteered to the website. However, they can contain personal information, so probably your website host is proposing a pop-up which gains the user's permission for the website to create and update cookies. I hope this is helpful. Tim :-)
Recommended Posts