In the last few years, there have been some very public data breaches. From Target to Home Depot to Ashley Madison, personal and payment data has been exposed at an alarming volume. In fact, security experts no longer talk about if companies will experience a data breach, but when.
Breaches have a negative impact on consumer trust. After a data breach, 45% of consumers say they do not trust retailers to keep their information safe.
While government offices don’t normally view residents as consumers, when it comes to personal information and payments, it’s difficult for residents to separate attitudes about retailers from government payments.
But with a retail breach, consumers can just choose another store if they no longer trust the original one. With government payments and information, concerns about trust can filter out into staff and even elected officials.
With the security of your website and payments reflecting on your administration, it’s important to do everything you can to build trust with your residents and show that you’ve done everything you can to protect their information.
The best way to build trust with your residents is also the best way to protect your site – by following security best practices. Tech-savvy residents know what indicators to look for that show you’re following the security practices needed to protect them.
Sites that require personal information should be secured with a Secure Socket Layer (SSL) certificate. SSL established encrypted connections between the user and the host computer, ensuring that data passed back and forth can’t be immediately read by a hacker snooping in on the connection.
It’s easy for a user to see that an SSL certificate protects your site. On an SSL protected site, the web address will start with https:// instead of http://. But not all SSL certificates are created equal.
A website may have simple domain validation. With domain validation, the information is still encrypted between user and host. But the certification process is less rigid. All that is really checked is that the domain exists and that someone listed as an admin with the domain registrar requested the certificate. At this level, the certification authority doesn’t validate to see if it’s a legitimate business that has requested the certificate.
Extended Validation (EV) SSL Certificates require a more comprehensive certification process. There are a number of steps to achieve EV SSL certification, including providing documentation that validates the company identity. This adds an extra layer of protection for the users and is easily identifiable. If a site has EV SSL certification, the address bar turns green to indicate the site is validated.
Published Privacy Policies
Build Trust Through Best Practices
But the biggest thing you can do to build trust with your residents is to keep your site as secure as possible. Following security best practices will lessen your exposure to being hacked, and the longer your site goes without a security incident, the more trust you’ll engender with your residents.
Following IT security best practices on your site and across your administration can help push off a breach as long as possible, and minimize the damage done when one does happen. Government offices have a lot of personal and sensitive information within their systems, not just on their websites that accept payments. Having a solid IT security policy across the organization will keep the data you are entrusted with secure.
Building and maintaining trust with your residents includes having the cues on your website that tell your users you care about their information and take steps to protect it. But don’t stop there. Be sure to include security policies that adopt accepted best practices. Ensure your office has written communication policy and an action plan if a breach should occur.
The best way to build trust is by doing the things you need to truly protect your residents’ personal and payment data.