How to Assure Customers Their Online Forms Data Is Secure
On any given day, a person may use one online form to buy a pair of shoes, another to replace a lost driver’s license, and yet another to access the results of medical tests. Online forms have made life faster, easier, and more accurate, with less back-and-forth trying to correct clerical errors. And now that many online forms are mobile-friendly, filling them out can be even more convenient.
Online forms are nothing new. A person can use several of them during the course of an ordinary day and not give it a second thought. But if security issues arise in association with online forms, form-users may find themselves feeling violated and wondering if they should trust the security of the forms they use on the web. It’s important that you ensure the security of the data your online forms collect, and that you reassure form-users that the data they enter is safe.
The Australian Census Debacle
In August 2016, the Australian Bureau of Statistics called on all Australians to go online August 9 to complete the census, and that seemingly innocuous request has since caused a cascade of technical, political, and legal problems. One of the first issues people complained about was that names were required and would be stored for several years, unlike with past censuses. Rumors then arose that the statistical analysis provider wanted to monetize the data collected.
As for technical problems, householders were sent an online code needed to access the census in mail addressed to “Householder” that looked like junk mail and in many cases was treated as such. Concerns about privacy of data sparked fears that people would lie on their forms out of fear their data would be misused.
Moreover, a distributed denial-of-service (DDoS) attack occurred that night, overloading the census servers with huge amounts of irrelevant traffic, making the site temporarily inaccessible. Clearly, this was a case of online forms gone horribly awry.
What Your Form Design Software Must Do
If you use form design software to create online forms, it’s absolutely essential that your software provides strong application programming interface (API) security. Insecure APIs have been linked to major security breaches, and of course any security breach is a big one if you’re affected by it. Ensure that your form design software offers critical API security options such as:
- Secure socket layers (SSL) encryption
- “White list” validated user input
- 128-bit encryption of all client-server communication
- Custom encryption keys
To prevent security breaches from inside your organization (from an angry ex-employee, for example), your form design software should allow for:
- Accounts that cannot be accessed without specifically being enabled
- User accounts allowed to modify the API being specifically designated
- IP restrictions imposed on users who access the entire API
- User-specific keys that must be used in conjunction with login to access the API
- Requiring each function call to use a security token generated by the previous function call, with each token only being used once.
Thorough Testing and Periodic Retesting Are Essential
Before any online forms go live, thorough testing is crucial. What happens when a user attempts to access information he or she does not have authorization for? Is online operation crash-free and predictable? Do your online forms still work correctly after your system or popular user operating systems (like Windows 10) undergo major upgrades? Just because you tested online forms before they went live doesn’t mean testing is done once and for all. Periodic retesting is essential to maintaining online forms security.
Choose Software Wisely and Minimize the Risk of Problems
The software you choose to create online forms can be supportive of, or detrimental to form security. PerfectForms is a form creation software that empowers the non-technical user to create custom online forms and Workflow Processes that keep your system secure while making the end-user environment secure as well. With features like SSL encryption, security tokens, and options like IP restrictions, PerfectForms makes it as easy and straightforward as possible to create secure online forms that your customers will be comfortable using. We encourage you to watch our demo and witness how powerful, effective, and secure PerfectForms is for creating the online forms that are exactly right for your needs.
Tags: online forms