Hands draw a padlock icon

Data Protection, Flash, HTML5 and Your Responsibilities

Data protection is a must for any business with an online presence. Regardless of whether a company only offers its services in the US or it crosses international borders, data protection will impact almost every part of the business. Inevitably, some business owners only think about data protection and security when something goes wrong. That, however, is a costly strategy. Data protection should always be considered both from general and specific perspectives.

You Need to Protect Everyone’s Data

Generally, data protection is the act of complying with laws such as GDPR. These laws are designed to protect consumer data from loss, damage, or theft. Beyond that, data protection laws afford companies and consumers certain rights with regards to how information is stored, handled, processed, and, importantly, made available on request. Once you’ve got the basics covered, it’s time to think about specifics.

One area of data protection that’s become important in recent years looks at HTML5 and Flash software. The “Flash era” has been coming to an end for the best part of five years, so people might assume it’s no longer relevant. That’s simply not the case. A case in point is gaming. Free flash games remain popular due to their accessibility and the minimum system requirements for these types of games are fairly low. For example, a Viking adventure Flash game could run on Windows 8 or MacOS Catalina with just 4GB RAM and an i3/AMD Athlon processor.

Don’t a Complete Flash in the Pan

Flash might be fading from other parts of the online entertainment sector, but it’s not completely gone from gaming. As such companies in this sector need to be aware of the potential data protection issues with Flash software. The biggest issue is that Adobe stopped providing support for Flash software in 2020, which means those who use it now need to source their own resources, patches, and updates. Old vulnerabilities also include transmission of data from your browser. As noted by a 2018 Comparitech blog post, Flash reported “detailed information about your browser and operating system” to snooping sites.

These vulnerabilities were largely fixed prior to the advent of HTML5 which, by almost all measures, is seen as superior to Flash. However, even HTML5 isn’t impervious to data protection issues. The most common security vulnerability for HTML5 is cross-site scripting (XSS). This type of attack involves an attacker injecting malicious code into a web page. This code can compromise a user’s data and cookies. Therefore, if you’re running a website with HTML5 code, you need to make sure it isn’t vulnerable to the latest XSS attacks. Other security issues to watch out for if you’re using HTML5 are cross-origin resource sharing (CORS) and weak Web Sockets.

HTML5 is Strong, But Don’t Forget to Think About Weaknesses

On the other side of the coin, HTML5 does offer a number of benefits. As long as you create a secure environment that isn’t vulnerable to data protection issues, HTML5 code is clean and concise. Less code means your website may not be as vulnerable to weak lines of code which, in turn, could put users’ data at risk. HTML5 also uses semantic tags, which is great for search engine optimization.

Finally, HTML5 works on all platforms, so there’s no need to write separate code for different browsers. Overall, it’s a slick way to put multimedia elements into your website, but don’t assume that HTML5 is perfect for data protection. No code, no software, and no system is 100% bulletproof. There will always be data protection issues to consider, so make sure you not only understand the basics but also the specific issues your websites and servers might face.

 

Staff Writer at CPO Magazine