These days, startups grow rapidly and in this instant period of growth it is extremely difficult for them to correct course once they recognize missteps. They sometimes do not understand the mechanics of operating till they reach the moment of truth i.e. data breeches. They consider security just like friction which creates hurdles in getting a job done. Startups sometimes do not have enough funding for a well formed security team but a security breech can bring their whole game to an end. If a startup thinks that it’s too minor to matter to cyber criminals, then it’s fooling itself with false sense of security. Freshly established startups are the most vulnerable to cyber-attacks.
For this purpose, Facebook’s security engineer Benjamin Strahs has decided to offer advice to founders about how to create a secure culture for startups. According to him, every company cannot have a security system as big as Facebook. It is because Facebook is a social media company and holds a wealth of data on its part. Security is a must for every next move taken by the platform. Over the past few years, Facebook has enrolled encrypted messaging, secure browsing, as well as new account authentication methods. It has also improved the account recovery strategies to make sure users stay safe. Facebook keeps on testing its programs for vulnerabilities from time. It even conducts a bug bounty program that invites public to look for any loop holes.
Smaller startups on the other hand cannot perform all these tasks due to lack of financial or engineering resources. This is why Benjamin Strahs advises all startups to use open-source frameworks and centralize their risks by focusing on them more easily.
Many education initiatives have been led by Strah for his non-technical workers and have even taught them how to spot the phishing schemes or any other suspicious behaviors. According to him, just securing the infrastructure is now enough. The employees of a company must have the understanding to keep themselves secure as well as to protect users’ data.
There are many bad things that could befall a startup as a result of security breaches therefore the companies need to make intelligent decisions about defense and organize the company’s security needs and capabilities by using the right frameworks.
Via: Tech Crunch