Blog

GDPR means WordPress updates can’t be ignored
April 20, 2018

You know how it is – you look at your computer, a small red circle indicates several updates are required. Dread instantly overcomes you as you contemplate downloading and installing the updates and killing the productivity of your day. You quickly decide to ignore the notifications and get on with your work – after all it’s not critical – right?.

Unfortunately, this is an all too common scenario with WordPress updates. Many Creative Agencies are overlooking this important area and ignoring GDPR which is leading to predictably bad outcomes that are eminently preventable.

Updating WordPress regularly helps keep your data secure under GDPR

Updates are necessary because the creation of software is an iterative process, better and more efficient ways are found to write the code, but not least make it more secure. The UK NHS paid a heavy price in May 2017 when they ignored the need to continue paying Microsoft to maintain their legacy computer network.

Hackers found it remarkably easy to infiltrate their systems and hold the company to ransom. The same can be said for WordPress, the popular open source CMS platform. Hackers are always scanning and probing to find backdoors so they can steal data or use the website for spamming or scamming.

WordPress Updates are not an ad-hoc box-ticking exercise

Following the launch of our WordPress maintenance service we have found some Agency clients resisting regular, weekly updates. They would rather leave their Client’s sites out in “the Wild” with out-of-date software for long periods (months on end) and apply the updates in an ad-hoc fashion.

This puts them at risk to all different types of hacking. Consumer businesses in particular run the risk of having personally identifiable data stolen, and having to declare a data breach to the ICO under GDPR. A process which could lead to a very heavy fine considering the apparent lack of care taken with updates.

B2C or B2B – a hacker can always make use of your website

Even if you are a B2B Agency, leaving backdoors will tempt hackers to do other things even if there’s no data to steal. For example, one of our clients who shall remain anonymous, neglected to apply any updates to their WordPress site for a long period resulting in hackers accessing, cloning and using their site in a scam in Asia.

The damage this can do to a business’s reputation is limitless. Trust and credibility is the foundation of all business relationships. Rumours of scams and criminality will ensure prospective customers default to competitors without the notoriety.

Don’t put your Clients WordPress sites at unnecessary risk

Regular WordPress updates will prevent this and ensure the best possible user experience. When you subscribe to our white label solution we also provide uptime, SSL and malware monitors with off-site back-ups for disaster recovery – giving you and your Client’s peace of mind. Find out more at www.sheerwpmaintain.co.uk

David Dawkins is a founder and director of Sheer Digital and Sheer WP Maintain.

We create exciting digital experiences, which put people first help you grow your business. Feel free to reach out to us any time for advice on your digital assets.