24/07/2014

By Paul Steiner, GM of EMEA, Accellion


Start-ups are at the leading edge of the technology industry’s explosion, creating new products and disrupting established business models. With each passing month, the number of start-ups increases exponentially, with more than 500,000 setting up in Britain in 2013. However, many start-ups are failing to set up basic security precautions, leaving themselves and their customers’ information open to the risk of data leaks or cyber-attacks.

Many companies simply believe that they have better things to focus on when they’re first starting to create a product, but that is far from the truth. According to The New York Times, messaging service WhatsApp, which was sold to Facebook for up to $19 billion had lax encryption and protection of personal information for its more than 400 million users, despite the company’s claims to the contrary. Upon purchasing the company, Facebook immediately had to implement its own security protocols within the company. Additionally, a WhatsApp competitor saw a 600 per cent increase in subscribers the week after the security risks were discovered.

According to the article, when a new service is launched it’s usually more vulnerable, because “tech entrepreneurs take possible security risks as an accepted trade-off for building their product at a rapid pace. Stricter password requirements and airtight encryption take a back seat to user growth, convenience and feature introductions.”

While some entrepreneurs may consider this to be an acceptable trade off, more SMEs need to properly divert resources toward proper security capabilities, so that data isn’t inadvertently leaked, nor maliciously taken. As seen with WhatsApp, this kind of revelation early in a company’s life gives customers serious cause for concern, because they don’t yet have the brand loyalty that someone might have with a company like Apple. This causes start-ups to lose both existing and new customers, who may migrate to competitors.

Another reason to address data security concerns early on is that it’s much harder to go back and bolt security features onto an existing product platform. While it can be done, these kinds of security features are not going to be as secure as those that were integrated into a solution from the very beginning. This kind of forethought in keeping customer or client data secure can save a company time and money in the long run in the form of shortened product update cycles, and brand loyalty. Companies need to anticipate and prepare for the worst by creating a security bunker that will withstand intentional and accidental data leaks and breaches.

Advances in technology are making this task less onerous for start-ups than it would have been just five years ago. In the wake of security scandals like the NSA, more vendors are building security features into their offerings, so start-ups can ensure that their cloud storage providers are providing granular encryption capabilities, and their content management solutions are providing robust access and security controls. There are also numerous new security vendors that can specifically focus on security the data of any sized company.

The importance of remaining vigilant and of dedicating time and resources to beat security threats cannot be overstated. One of the keys to building a sustainable company is to create a product and brand that customer and partners trust with their information and sensitive business data. Start-ups may consider security concerns beneath their overarching goals of creating a disruptive product, but without security built into a product from day one, a breach can occur and raise red flags. While WhatsApp had the subscriber numbers to weather the resulting backlash from its security issues, many other companies haven’t been as lucky, and have simply vanished.