The security of personally identifiable information (PII) is an important and often overlooked consideration when gathering customer data through a web-based form.
PII is defined as:
“Any information that permits the identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual”
PII can range from something as seemingly innocuous as full name and email, to detailed sensitive information like social security number, bank account numbers, and personal passwords. In the wrong hands, this information can be used to steal the user’s identity, and/or to aid in the planning of various crimes. Needless to say, it’s very important that you, as a website owner, are very careful about exactly what information you collect, and how it is used and stored. The potential damage to your customers if it is compromised is significant, and it can be equally damaging to you through loss of reputation, or worse, substantial litigation.
Just a few examples (non-exhaustive list) of PII:
- Names and aliases
- Social Security number (SSN), full or abbreviated
- Driver’s license and / or government identification numbers
- Citizenship, legal status, gender, race/ethnicity
- Birth date
- Place of birth
- Home and personal cell phone numbers
- Email address
- Mailing and home address
- Religious preference
- Mother’s middle / maiden name
- Spouse information
- Marital status
- Child information
- Emergency contact information
- Financial information
- Medical information
- Disability information
Keep a small customer PII footprint: collect, send, and store as little as possible
Our recommendation at Watermelon is to limit the amount of PII that you collect via your website, and to be especially careful in how this information is stored and distributed. In addition, all web forms should be submitted via a secure connection (SSL), so it’s important that a security certificate is enabled for the site. Where security certificates used to be necessary only for those websites handling e-commerce transactions, it is now becoming standard recommended security practice to have a certificate in place for any website.
We do not recommend emailing even basic PII such as name and email address. Even if it is submitted and received via a secure connection, the email path from here to there makes many stops along the way which you have no direct control over, and theoretically messages can be intercepted. A safer and easier method is to send a simple email stating that a form submission was completed, with a link to the admin area of your site where you can securely view the submitted information as an administrator.
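The notification approach described above, sketched as an added example (not code from Watermelon or from any particular CMS): the handler keeps only an allow-list of fields, stores them server-side, and emails nothing but a link. The field names, the `example.com` admin URL, and the SQLite table are assumptions for illustration, and the admin page is assumed to require a login.

```python
import secrets
import sqlite3
from email.message import EmailMessage

# Assumed allow-list: only the non-sensitive fields this form actually needs.
ALLOWED_FIELDS = ("name", "email", "message")
ADMIN_BASE_URL = "https://example.com/admin/submissions/"  # placeholder URL


def open_store(path=":memory:"):
    """Open the (assumed) submissions table; a real site would use its CMS database."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS submissions "
               "(ref TEXT PRIMARY KEY, name TEXT, email TEXT, message TEXT)")
    return db


def minimise(form):
    """Keep only allow-listed fields; anything else (e.g. an SSN box) is discarded."""
    return {k: str(form.get(k, "")).strip() for k in ALLOWED_FIELDS}


def store_submission(db, form):
    """Store the minimised record and return a random reference for the admin link."""
    record = minimise(form)
    # The reference only identifies the record; the admin login is the access control.
    ref = secrets.token_urlsafe(16)
    db.execute("INSERT INTO submissions VALUES (?, ?, ?, ?)",
               (ref, record["name"], record["email"], record["message"]))
    db.commit()
    return ref


def build_notification(ref, to_addr, from_addr):
    """Build an email that carries no submitted values, only a link to the admin area."""
    msg = EmailMessage()
    msg["To"] = to_addr
    msg["From"] = from_addr
    msg["Subject"] = "New form submission received"
    msg.set_content("A form submission was completed.\n"
                    "Sign in to view it:\n"
                    f"{ADMIN_BASE_URL}{ref}\n")
    return msg


if __name__ == "__main__":
    db = open_store()
    # Constructed sample input, including a field the form should never keep.
    sample = {"name": "Jane Doe", "email": "jane@example.org",
              "message": "Please call me", "ssn": "000-00-0000"}
    ref = store_submission(db, sample)
    print(build_notification(ref, "owner@example.com", "forms@example.com"))
```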
In terms of data storage, WordPress, Magento, and most other leading content management databases are secure, so storing information such as name, email, phone number, and other non-sensitive PII is generally safe. PII that is considered ‘sensitive PII’ includes social security number, driver’s license number, financial information, any medical or health care information, passport information, etc. There is also a class of PII that, when paired with other information, can be considered sensitive PII and as such should be handled in the same manner. This would include: mother’s maiden name, religion, date of birth, age, gender, school attended, etc. This information can potentially cause substantial harm, embarrassment, inconvenience, or unfairness to an individual, and as such we do not advise collecting this information via a standard web form.
When asking for any user information via the web, we always emphasize to first ask yourself: “Do we really need this information, and if so, what would be the potential fallout if it was intercepted by nefarious characters?” If there is ever any doubt, we strongly advise you to err on the side of caution.
If the information is absolutely required, it is best to encrypt a file containing the PII, and send that via secure email. If documents containing non-PII must be submitted, it is important that they are stored in a secure directory above the public level of the website, to be accessed as needed via secure file transfer protocol.
Protect your customers and yourself
In this day and age of rapid and voluntary personal information distribution via cell phone apps and social media platforms, it can be easy to overlook the potential harm to your customers and your business if PII is intercepted. However, it is the very nature of today’s digital world that makes protecting that information more important than ever, as identity theft, financial fraud, and other horrific crimes are now much easier for would-be bad guys to perpetrate if they are able to get their hands on PII. Protect your customers and yourself by limiting the collection and distribution of this information, and by putting in place best practices and maximum protection for anything you must collect.