SMBs increasingly rely on customer information through websites, but 50% of user information is not secure

Small businesses relying on collecting visitors email addresses may be in breach of privacy regulations due to their own inconsistent security measures.

A study conducted by B2B professional services company Clutch found that 50% of SMBs are at risk with commonly collected information making businesses vulnerable to privacy violations.

Currently, email addresses remain the most commonly collected customer information (57%), followed by names (47%), and locations (45%), which is information that can provide valuable insights for sales and marketing teams.

However, industry leaders point out that email addresses present the greatest security risk to consumers. The 2017 website security survey included included over 302 website managers who built and/or maintain a website for personal, business, or other use. Clutch then asked them to identify the steps website managers take to secure their websites, as well as how commonly used security measures can be applied to protecting website visitors’ privacy.

Idan Udi Edry, chief executive of Trustifi a company specializing in email transaction data security and privacy, believes an email address is one of the most dangerous pieces of information to share.

“When data is correlated over multiple web services, whether that is a Gmail account, a bank account, a password retrieval from Facebook, family-oriented documents, travel-agency information, and so on, it is done through the email address,” said Edry.

"When data is correlated over multiple web services, whether that is a Gmail account, a bank account, or a password retrieval from Facebook, it's done through the email address," said Edry. "The combination of an email address and a name is enough [for a hacker] to start the reconnaissance on someone as a user."

B2B marketers have taken note that among the issues facing potential customers is a cumbersome and somewhat antiquated user experience when it comes to security while 63% of website managers admit that they do not currently use common security features, including encryption.

"The user is required to do a lot of things–provide your password, your cat's name, the street you're living on, your favorite number," said Michael Tys, a mobile developer at TechMagic, a mobile app and web development studio based in Ukraine. Tys notes that the increasing availability of banking and other apps that use a fingerprint to unlock encrypted information could be a boon to small businesses seeking more secure customer information.