For startups, initial days are very crucial to set the base for coming years as they build up the product that fits the market. One of the most important key to product success is trust factor and it applies irrespective of whether the product is B2B, B2G or B2C.
To build trust in today’s data driven market, startups need to provide security for the data they will be handling on behalf of their customers. For this, startups should hire professionals who help company by following best security guidelines and avoid any kind of data beaches whatsoever.
Security researcher Troy Hunt‘s search engine Have I Been Pwned, has repository of many data breaches which could have been avoided easily. Over the years, he has written extensively about security, which has allowed technical community to learn do’s and don’ts of keeping data secured. Startups can also take cue from such services and implement basic features which can control the damages, even if a hacker manages to get into the system.
There are two kinds of companies: those who’ve been hacked and those who don’t know it.
Since this isn’t my domain, it would wrong of me to point exactly what a startup dealing with data and servers should follow, but I can suggest simple techniques like:
HTTPS: If you are going to ask users to log in, simple don’t do it with SSL. This way you avoid any one from snooping client-server communiation.
Online Payment: It’s better to let established services handle the payment. If you are into initial stage of selling products online, then this is must, let go the hassel.
Say No To Unencrypted Data: Make sure the data being stored on your servers is encrypted right from its origin till the server destination. This also applies to passwords and any data that users don’t want others to snoop on.
Multiple Authentication: Sign in can also be given to third party like Google, but on top of that if user logs in from unknown location, then the system should opt for multiple authentication or give customers the ability to setup 2 step authentication from day 1.
Watch Your Firewall: Recently, Bangladesh Bank’s heist occured due the negligence on part of firewall and quality of product used. There is no harm in investing where the need is, get the best hardware for the software you want to build and run.
Hire A Ethical Professional: Startups should consider hiring an ethical hacker, who will test the system top-down for all the possible hacks and loopholes.
Take The Blame: As soon as startups get to know about any data breach, they should follow steps to minimize the damage and take the blame for it.