01-21-14 | Blog Post
In the days following the Snapchat data breach, a number of tech publications wrote a version of the same story: Startups don’t (or can’t) pay enough attention to security.
Earlier this month, phone numbers associated with 4.6 million accounts with the mobile photo-sharing service were breached by non-malicious hackers. The numbers were published with the last two digits obscured.
Qualys chief technology officer Wolfgang Kandek told CSO Online he was not surprised Snapchat had trouble securing its application programming interfaces.
“I think this is almost normal for a company at their stage that is focused mainly on scalability and functionality,” he said. “I am sure they will pay more attention to abuse and security issues in the future.”
In an article for BizTech Magazine, Ricky Ribeiro writes that “building a business requires founders to wear so many hats that sometimes the security hat just never makes it out of the closet. Scale, stability and revenue take precedence.”
Ribeiro ends his story like this: “If startup founders weren’t thinking about securing their corporate user data before, the Snapchat breach should definitely inspire them to build a strategic security plan going forward.”
Of course, not all startups should be characterized as security lackadaisical. Online Tech has had the opportunity to partner with several companies, particularly in the healthcare space, that built their product starting with a foundation of security.
When psychologist James Pann and his team set out to create EvalPlace, he wanted to differentiate the web-based performance management system for the health and human services fields through a strict adherence to security and compliance.
Knowing many potential clients would be collecting electronic personal health information (ePHI), Pann’s team built in the necessary safeguards to ensure EvalPlace met HIPAA compliance.
That meant also finding a HIPAA-compliant hosting option. Pann discovered Online Tech after reading the company’s HIPAA Compliant Hosting White Paper while searching online for a suitable partner. EvalPlace is now hosted on Online Tech’s secure and fully managed cloud server.
The stories are similar with Online Tech business associates such as instaRounds and Zadom Apps’ HipaaCat, two services created by medical experts with a firm understanding of the importance of data security.
Securing user data is a serious and continuous challenge for everybody. It’s true of large, established organizations that spend millions on security (as Target recently learned). And it’s true of startups, with their sometimes-limited physical and financial resources. But creating a culture of security from the beginning stages gives businesses a leg up in the quest to keep data safe.
CSO Online: Snapchat breach seen as startup growing pains
BizTech Magazine: Snapchat’s Data Breach Should Be a Wake-Up Call for Startups