In a developer-client relationship, protecting industry-specific and sensitive information like company financials, sales-related figures, and so on, is not only an ethical responsibility but also an imperative requirement on part of the developer. If this information falls into the wrong hands following a leak at any point or a hack, the consequences for your client can be disastrous.
When security and sensitive data are involved, it is always better to play safe than sorry.
I talked with WordPress developer and Codeable expert Mitchell Callahan to find out what possible solutions you could put in place when your clients are heavily concerned with data leak, data breach, and handling sensitive data. It's a key topic and one that's far from being easily addressed because as Mitchell comments:
It's an interesting 'dance' because ultimately if someone's got access to your site, they've got access to the data. Yet, more often than not, there are ways you can mitigate this.
The hard truth
Have you ever left your house key to one of your family members, one of your close friends, your neighbor eventually, for whatever reason? When you gave them your keys, you enabled them to enter your house and look through your private stuff. Have you ever thought of that? I know, I know: #creppy. Still, my point stands: once you give access to your WooCommerce store, you give access to everything that's under the hood.
This is the hard truth any WooCommerce store owner has to cope with: if you're hiring developers to work on your store, they'll have access and see (at least) some of your sensitive data. But, fear not, as there are some solid ways to overcome this.
Build a clone site
One of the first options available for a WooCommerce client who is sensitive to data protection is to have them build a clone of their WooCommerce store and work on that copy. This way all the information that is valuable to the client is scrubbed off your plate and you - or your developers - can work on this dummy site without the stress of data leak. Once completed, you would need to "pack" your work into either a plugin or finished product that you can then deliver to the client and allow them to update their website.
A potential problem here could be within the migration process, in case only the client has access to the real site because, obviously, that is a technical job. As Mitchell explains:
If the data is really super sensitive, what we do at SAUCAL, we always get them to create a duplicate site from which we can remove some of the data or simply put some dummy data if we're only building functionality. Then, they can port that functionality over to the live site because we'll package it in a way that they can upgrade it themselves. We'll give them a plugin or something along those lines and then we'll say 'Okay, push these files and you're okay.'
Encrypt the data
If your client is not willing to put in the extra effort of building a duplicate site, you might as well offer them to encrypt their data. It goes without saying that this involves increased costs and will end up slowing the site down but if they're really that concerned with their data, this is a minor drawback they should take into account. Highlights Mitchell:
You could encrypt the customer data so that only your client has the keys. If that's their choice, when I go in there I'm not actually seeing real names and addresses. I'm only seeing hashes. It does make a slightly slower site because there's more encryption going on as data is hashed and then stored in the database. This isn't always practical but I do know sites that have done it because privacy was their #1 priority.
Encryption might come in handy even in regards to hosting providers who sometimes have been granted access to our data without us to realize that. And that's something you should bring up when discussing with your client about security and data:
The first thing I'm always going to ask is 'Where's your store hosted?' to make clients aware that they're likely not even protecting their data from their hosting provider. And, unfortunately, many times they don't realize they've given full access to that hosting company until I ask them this question.
Non-Disclosure Agreements (NDAs)
In larger organizations, there are agreements between the parties involved in any project that make it legally binding for the developing party to keep all data to themselves. As an agency owner Mitchell has to deal with a number of clients that range in magnitude and tell us that:
With bigger companies or ones handling really sensitive data, we'd have been required to sign NDAs so that we would be held liable if we released any data or used that data for whatever reason.
The trust factor
No matter how many precautions you take, at the end of the day, you have to have a little trust on both sides. Furthermore, if both parties value the commitment and responsibility they have taken, it can go a long way. Mitchell further digs into this key point and says:
eCommerce is all about data. And if we're going to be working on your store, we're going to be exposed to your data so you've got to really trust your developer.
There are many ways in which you can limit the amount of risk for your client's WooCommerce data but, in the end, it all comes down to adding several layers of security and building trust.
Clients with sensitive information will always be susceptible, suspicious and reluctant about their information. It is at this point that your skills, your experience and the way you communicate with them come all into play. Effective communication and transparent processes can put your client at ease while allowing you to work with a relatively higher level of freedom.
This blog post features Mitchell Callahan who is the commander at SAUCAL, a team of Certified WooCommerce experts dedicated to helping tech-savvy, web-based store owners like you thrive in an increasingly digital universe. SAU/CAL was named as the Best WordPress Agency for 2016 by WP Mayor.