Too many startups, new ventures and SMEs do not take seriously the immense problems that a security breach can create. They may be thinking “We can do that later.”
Security Risk Examples
Examples of recent security risks/issues that have inconvenienced or may inconvenience customers include:
- 32 million users account information was exposed by hackers who disliked the Ashley Madison website. The article Now you can search the Ashley Madison cheaters list CNN also states “Few websites practice good security standards”.
- “Nearly every major bank is using second-rate security to guard its website. Capital One, JPMorgan Chase, Suntrust, Wells Fargo — none of them use what’s commonly referred to as the “best practice” in the industry when it comes to Web security.” The article Banks are skimping on website security CNN also includes … “Banks are saying, “Hey, there’s a crack in the plane, but we won’t fix it because we don’t think it’ll cause the plane to crash today,” said cybersecurity expert Robert Graham.”
Well managed startups, new ventures and SMEs should include security provisions in your product development processes. Periodically hire outside security experts to review your product-centric security and suggest improvements. Periodically hire teenage hackers to test your security for your customers and suggest improvements.
As soon as your minimum viable product is in place. Make sure that your plans include adequate provisions for security.
Thank you for this article, I cannot stress the importance of security, it is absolutely necessary regardless of the product’s age or value. In fact, I can relate to the topic of a security breach. An old marketplace startup of mine had a severe security breach, allowing users to obtain insecure product source files, costing me a lot of money in repairs for my vendors. I now realise that security online should be my #1 priority.
I am glad that you found this Post to be useful.
What are your thoughts on *internal* data security? We had a manager leave our company and he took some code with him and also a client list. We had to contact our clients individually and let them know the guy had left and to let us know if he contacted them.
It took us about three months to “mop up” the situation, and it made us look really bad in the process.
Our HR people said we needed to implement stricter policies, but I don’t know if that would have helped. What can companies do to tighten up security from within?
*Internal* data security is a major risk. You should prepare for that possibility; and periodically check for that potential reality.