Written by Nick Green of PolicyBee on 24 June 2013
Design for strife
The internet’s brilliant isn’t it? And email. That’s brilliant too. All that technology, churning away, enriching our lives and making things faster, easier and cheaper (mostly). High five, humans.
But, as always, there’s a flip side to this eye-popping wonder. Unfortunately, the creative and curious part of human nature drives us to do both good and bad. And to the criminal mind, technology is just another opportunity.
Cyberspace is crammed with viruses and unscrupulous hackers. Tech crime is on the up, with both big and small businesses are a target. Be sure of this: weaknesses in your website, or those you’ve designed, can be exploited for nefarious gain.
There’s a massive market for stolen data, almost regardless of what it is and where it comes from. Logins, passwords, contact details, wireframes, branding concepts etc are available to the highest bidder. Worse, it’s not just your stuff they want; it’s your clients’ stuff too. Much more lucrative that way.
Just a byte-sized chink in your armour is enough. Without you knowing it, there’s malware on your system stripping out yours and your employees’ passwords. (You don’t use the same details for work computers and your online banking, do you?) Then it’s reading your clients’ URLs and moving on to do the same thing there.
If you’re lucky, you might get away with holding on to your data and *just* having a virus-riddled network instead. If it’s not too corrupt, you might even be able to keep working.
A problem shared
The fact is that anything other than a very low-level attack on you or your clients will leave your business reeling. Security breaches are time-consuming, inconvenient and expensive to recover from. And that’s if you know what you’re doing.
Worse, if you can’t work, it won’t be long before clients start asking questions about when you’re going to finish what they’re paying you for. You’ll be surprised how quickly the excuses wear thin. Thankfully, there’s an old-fashioned solution to this very modern problem: insurance. Two types, in fact, for two potential problems.
The first problem is this: what happens if you design a website, it’s breached, and your client’s left high and dry? Who’s liable? Is there a case against you? Who pays to fix it?
It all comes down to the nature of the contract. Arguably, you’re the professional and you should know what makes a website secure (regardless of whether you actually write the code). You’re a bit like an architect in that sense. You know what fundamentally works and what doesn’t.
But are you liable? Possibly, yes. Whether you’re actually negligent or not depends on the nature of the breach, how the parties involved argue it out, and the extent of your contract responsibility. At the very least you’re going to have to defend yourself.
If that happens, you’ll need professional indemnity insurance. It pays for your defence and, if you’re at fault, compensates your client. It helps when you’ve done something wrong, of course, but the good thing is it fights your corner when you haven’t, too.
The second problem is less about the legal, more about the practical. If a cyber-attack knocks you out, it’s unlikely you have the time or the expertise to fix it. Cyber liability insurance (also known as digital risks or e-risks insurance) helps in two ways.
It pays for your direct losses, like the costs of repairing your system or website, and compensates your client if they sue you for things like unauthorised data collection or virus transmission. In simple terms, it gets you back up and running quickly and helps keep your client relationships intact. All without a four-hour call to your tech provider’s helpdesk, too.
So is cybercrime a problem for web designers? Yes, of course. It’s a war out there, right? But at least now you have a chance of winning the battle.
Would you like to know more?
The UKWDA has partnered with PolicyBee to offer members 10% off professional indemnity insurance. Get a quote today.