Blog

Size doesn't matter. When it comes to hacking a website.

Written by Keinen | Jun 22, 2026 12:52:45 AM
 

Website Security

Nobody Broke In. The Door Was Already Open.

A pharmacy in the news this week. Dozens of patients' medical details, sitting on a website, readable by anyone who wandered close enough. No attack. Just a gap nobody noticed.

Black Sheep Creative · 6 min read

The story

It wasn't a heist

We tend to picture breaches like a film. Hooded figure, green text, a progress bar climbing toward DECRYPTING. Reality is duller and somehow worse. A New Zealand pharmacy left a flaw in its website and the private medical details of dozens of patients were just there, in the open, waiting.

And the thing is, you read a story like that and assume it lives in a different world from yours. Bigger systems, more patients, higher stakes. It doesn't. The mechanics are the same whether you're a pharmacy or a four-person studio taking quote requests through a contact form.

 

If you are collecting information from people on your website, then you are collecting data that could potentially be used against them.

Closer to home

Think about what your forms quietly hold

Contact form. Booking. Job application. The little quote calculator someone built two years ago and everyone forgot about. Each one collects names, emails, phone numbers. Sometimes a lot more than that, depending on what you ask.

It all has to land somewhere. A dashboard, a database, an inbox that fills up and never empties. That pile of submissions is one of the most valuable things your business owns. It is also, almost always, the thing nobody is actually guarding.

A form is a promise. People give you their details UNDER THE ASSUMPTION IT IS GOING SOMEWHERE SAFE.

The weak point

Now picture who can see all of it

One person on the team can open every submission. They log in with a plain username and an eight character password. Maybe it's their first name. Maybe it's the company name with a 1 on the end, because the system made them add a number.

Eight characters feels like a password. It isn't a lock. Free tools chew through millions of combinations before the kettle boils. To anyone looking, that login is barely there.

Here's the uncomfortable bit

You can have a gorgeous, fast, perfectly built website and it changes nothing if the door behind it opens with one soft guess, or puts up so little resistance that forcing it takes no real effort.

The pharmacy didn't get hacked. The data was already exposed. The everyday version of that headline is one account, one weak password, sitting in front of everything your customers ever sent you.

Someone will try the handle eventually. 

What actually helps

None of this costs much. Start anywhere.

Most of it is free and takes an afternoon. You do not need a security team. You need to stop putting it off.

01

Switch on two factor

A code from a phone app, on top of the password. Biggest single jump in safety you can make, and it is usually free. Turn it on for everyone who can see form data, not just the boss.

02

Ditch short passwords for passphrases and password managers

Length beats clever symbols. Four random words are easy to remember and miserable to crack. Six characters guards nothing. Better still, let a password manager such as 1Password hold the passwords so nobody has to remember them at all.
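The arithmetic behind "eight characters isn't a lock" and "length beats clever symbols", as an added example that is not part of the original post: a Python script that estimates how many guesses each shape of secret forces an attacker to make, and how long that takes at two guess rates. The dictionary is a constructed eight-word stand-in for a real cracking list, the two rates are illustrative assumptions rather than measurements, and the 7776-word list size is the standard Diceware list.

```python
# Constructed stand-in for a cracking dictionary. Real lists run to tens of
# millions of entries; a bigger list changes the numbers below, not the ordering.
CRACKING_DICTIONARY = {
    "password", "welcome", "summer", "letmein",
    "blacksheep", "keinen", "studio", "pharmacy",   # business names, first names, trades
}

# Assumed guess rates in guesses per second (illustration, not measurement):
# OFFLINE is the order of magnitude one GPU reaches against a leaked fast hash,
# ONLINE is roughly what a rate-limited login form lets through.
OFFLINE_RATE = 1e10
ONLINE_RATE = 10.0

DICEWARE_LIST_SIZE = 7776   # the standard Diceware list: 6**5 words


def charset_size(password: str) -> int:
    """Size of the pool a genuinely random password of this shape is drawn from."""
    pools = (
        (str.islower, 26),
        (str.isupper, 26),
        (str.isdigit, 10),
        (lambda ch: not ch.isalnum(), 33),   # printable ASCII punctuation
    )
    return sum(size for test, size in pools if any(test(ch) for ch in password))


def guesses_for_password(password: str) -> int:
    """Guesses needed to exhaust the space the password really lives in.

    A dictionary word with digits bolted on is searched as word x digit-suffix,
    because that is the first rule every cracking tool tries. Only a password
    that is not built that way gets credit for its full character pool.
    """
    stem = password.lower().rstrip("0123456789")
    digits_added = len(password) - len(stem)
    if stem in CRACKING_DICTIONARY:
        return len(CRACKING_DICTIONARY) * 10 ** digits_added
    return charset_size(password) ** len(password)


def guesses_for_passphrase(words: int, list_size: int = DICEWARE_LIST_SIZE) -> int:
    """Random words from a public list: the list being public changes nothing."""
    return list_size ** words


def human_time(seconds: float) -> str:
    for name, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:,.2f} seconds"


def compare_candidates() -> dict:
    """Guess counts for the shapes of secret the post talks about (all constructed)."""
    return {
        "first name (6 lowercase)":        guesses_for_password("keinen"),
        "company name + 1":                guesses_for_password("blacksheep1"),
        "8 random chars, letters+digits":  guesses_for_password("Vq7kRt2p"),
        "8 random chars, full keyboard":   guesses_for_password("x7#Qp2!m"),
        "12 random lowercase letters":     guesses_for_password("qwzpdlmrtkbv"),
        "4 random Diceware words":         guesses_for_passphrase(4),
    }


if __name__ == "__main__":
    for label, guesses in compare_candidates().items():
        print(f"{label:33} {guesses:>20,d}"
              f"  offline: {human_time(guesses / OFFLINE_RATE):>12}"
              f"  online: {human_time(guesses / ONLINE_RATE)}")
```

Two things stand out in the output. The shapes people actually choose, a first name or the company name with a 1 on the end, fall in a handful of guesses at either rate, while twelve random lowercase letters outlast eight characters drawn from the whole keyboard, which is the "length beats clever symbols" point in numbers. The four-word passphrase lands in the same region as a fully random eight-character password, with the difference that a person can remember it, which is why the post pairs it with a password manager for everything else.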

03

Hand out less access

Not everyone needs to see everything. Limit who can open sensitive submissions. And when someone leaves, cut their access that day, not three months later when you remember.

04

Stop collecting what you never use

Every field is something you then have to protect. Date of birth you never look at. Home address for a newsletter signup. If you don't need it, don't ask. The safest data is the data you never held.

05

Get someone to trace the wiring

Forms, databases and logins connect in ways that are easy to get subtly wrong. Someone who builds these things can spot the gap you can't see from the front of the site. Half an hour, usually.

Before you close the tab

Four questions. Answer honestly.

You don't have to be technical to feel where the soft spots are. If any of these makes you wince, that's your starting point.

🔐

Is two factor on, for everyone?

Every account that can see submissions. Not just the one you logged into last.

🔑

Could you crack your own password?

If a stranger could guess it from your business name, so can a machine.

👀

Who can see the data right now?

Name them. Include the contractor from last year. Still on the list? There's your answer.

🧹

Are you hoarding fields you never read?

Every one of them is a future apology letter if it leaks. Trim them.

 

Not Sure What's Behind Your Forms?

We build sites that keep customer data where it should be, and we're happy to cast an eye over one we didn't build. No pitch. Just a look.