Website Building: Speed vs Security
Do you remember the story of The Three Little Pigs? The first two pigs were almost killed by the big bad wolf because they were lazy and chose to build their houses with either straws or sticks. Their houses seemed stable at first, but in reality, were too weak to protect them against an outside attacker. It was only the third pig who was safe because he chose to build his house with bricks. Through this story, we all learned that it is incredibly important to invest time if we expect good results. Although we all remember this story from childhood, we often forget that this same story applies to managing businesses. Just like the third pig used bricks to build a secure home, it is incredibly important to invest the time and use the right resources to build a strong business website.
In the case of cyber security, in recent years, big bad wolves (hackers) have increased in number. However, not many companies are building their websites as if they were building brick houses. Many companies, especially startups, are building their websites like they are the pigs who built their homes out of straw or sticks—rushing to launch their websites without much concern about its coding or security. However, there are mistakes to this method. Here are the two mistakes that businesses and startups make when they would rather build a website quickly as opposed to building one strongly.
Mistake #1: Businesses Who Build a Website of “Straw”
In any business or freelance forum, you can see that many startups are looking for developers. The most common posting is a CEO with a promising idea and a strong network. However, he is in great need of a website developer, and in many of these cases, the job needs to be completed quickly. Unfortunately, these websites are built out of “straw” and are the weakest of all.
If the CEO does not find a good developer soon, he often ends up hiring an outsourced developer who can quickly finish the project—a website that can be shown to investors, run A/B tests, pivot, etc. Because time is the CEO’s main concern, the main decision criteria often becomes only an issue of time.
Some may think that first websites may just be prototypes that can be fixed later. However, anyone experienced with website development knows that it is much more difficult to fix coding than starting from scratch. So, job posts looking for a developer who can build mobile app within a month often result in apps that barely operate with many bugs.
Mistake #2: Businesses Who Build a Website of “Sticks”
There are many startups with in-house tech teams that have websites built out of sticks. Many companies and startups often hire developers without knowing if those developers have a strong understanding of securely building or maintaining a website. Many ask about coding, but almost never test the developers about their knowledge of website security. Many developers do not think about website security in the same way that many hackers do. They do not think about how their websites can be hacked, so often overlook many vulnerabilities that leave the website’s database and customer information vulnerable to hacks. However, if a company’s culture does not emphasize security, then it can be expected that developers will focus on their ability to quickly build a website instead of building it securely.
Build Your Website out of “Bricks:” Always Hire Strong Developers
Most startups are pressured to grow quickly and it is completely understandable. If they do not stand out among many other startups, they will not receive the attention of both customers and investors. However, if startups are pressured to grow quickly and do not have strong security management, their businesses will be hurt in the future because all businesses are targeted by hack attacks that cause them to lose customers’ trust and thousands of dollars in fines.
Startups have multiple options to build their websites out of “bricks.” They can start by consulting security consultants for security launching plans and applying security products and solutions. However, the most critical point of building a secure website is building a business culture that cares about information security with website security objectives that are practiced by their developers.
Developers who can quickly code are less useful to a business than a developer who understands the significance of secure website development. Just like bricks are placed one by one to build a house, an application structure should be built with much careful consideration.
If you start discussing with your developers today about how they are protecting your customers’ information and your website, you will be able to quickly recognize if your house is being built with straws, sticks, or bricks. If it is not built with bricks, you should quickly work to rebuild your house before the big bad wolf comes to get you.