Freelancers can debug websites for extra cash
The Economist profiles California engineer Emily Stark, a freelancer who worked after hours debugging websites and finding flaws in their user authentication. The report emphasizes a few things:
- There's plenty of work available for IT freelancers with this skill set.
- Websites are riddled with flaws.
- The work can be enjoyable.
And the work can pay off in big ways. Companies like Google run bug-bounty programs, offering anything from $500 for spotting a minor security error to $50,000 for major finds. In Stark's case, she became so good at bug hunting that Google recruited her for a full-time position in its security division.
It fits the general trend we've been reporting in data security: there's a lot of security work, but a lack of security professionals. If you're looking to capitalize on this well-paying work, make sure you understand the professional liability risks that come with it.
Debugging can lead to legal landmines
You may think you're helping a company out by spotting the flaws of their inner workings, but not every company invites bug hunters. Stack Exchange has a nice back-and-forth thread demonstrating why debuggers can trigger the legal wrath of the company they're working for.
For instance, Forbes reported on one security expert who was sitting on a United Airlines flight when he decided to test the Wi-Fi, found flaws, and alerted the company. How did United repay him? The airline detained him and confiscated his laptop. At least he wasn't sued.
If you work in debugging and security testing, you'll want to:
- Make sure companies are on board with your testing.
- Be careful about who you disclose these flaws to and do so with tact.
In some cases, in order to find a flaw, you may have to trespass beyond a company's security. That may cross a line, leading a company's lawyers to file a lawsuit against you or alert authorities. It may seem strange that white-hat hackers can be targeted for trying to help, but it does happen.
Why professional liability matters for IT freelancers
Errors and bugs plaguing websites and programs may be easy for IT consultants to decipher, but can the same be said about professional liability risks?
Professional liability refers to the risk you face when performing IT work for a client. A client could sue you, claiming there was a problem with your work. Of course, all kinds of problems can surface:
- Data loss
- Compatibility issues
- Security snafus
- Data breaches
For a freelance debugger, software tester, or other white-hat contractor, you could be liable for security issues. Say a client claims that you've misreported a bug, exposed them to unnecessary security risk, or botched your testing in other ways. That's your professional liability – and it could lead to a costly lawsuit.
That's why many clients require IT consultants to carry professional liability insurance, also called errors and omissions insurance.
Like most insurance, professional liability insurance won't cover illegal activities. While white-hat hacking isn't illegal, you'll want to be as cautious as possible to make sure you don't do anything that crosses a legal line (or leads clients to think you have).
If a client claims you've done something illegal, you risk your insurer refusing to cover your lawsuit. It'll be up to you to make sure everything you do is aboveboard.
Compare quotes from trusted carriers with Insureon
Complete Insureon’s easy online application today to compare insurance quotes from top-rated U.S. carriers. Once you find the right policy for your small business, you can begin coverage in less than 24 hours.