Pages Menu
TwitterLinkedIn

Posted by on May 17, 2011 in E-Letters |

Tips, Traps and Trends

e-letter from HS Marketing

Keeping Your Website Secure and Your (Investors’) Data Safe

May 2011


Dear Clients and Friends,

Prompted by questions from some of our hedge fund manager clients  regarding the recent headlines about data security breaches and “cloud”   computing catastrophes1, we are writing to offer some suggestions about how to protect your company’s valuable information on your website.

          Tip #1: Adopt open source web solutions

You might wonder, “Who in their right mind would trust their firm’s website to run on free software?”2 In fact, 66% of websites are hosted on open source Apache server software.  Microsoft’s   platform, the second most popular, has only an 18% market share.    Apache-powered sites include Apple, Goldman Sachs, Booz Allen Hamilton,   CNN, eBay, Ticketmaster, ESPN, Cisco, PayPal, Twitter, LinkedIn . . . the list goes on.

Some of the benefits of open source solutions include:

  • transparency of security methods
  • development communities that attract some of the best minds from business and academia
  • natural selection – only quality sustains open source software, not marketing or monopolistic strategies
  • no license compliance or renewal issues

          Tip #2: Avoid “free” commercial solutions

This advice might seem to contradict Tip #1.  But it doesn’t.  Some   open source solutions are offered for free, and the publishers generate   revenue by supporting large corporate and government installations.  One   prominent example is OpenOffice, an excellent alternative to Microsoft Office.

Other “free” commercial solutions like Gmail, Google Analytics, and   Facebook actually extract a significant hidden price.  Their business   model generates revenue from the information that users of their “free”   services provide.  It has been said that under this arrangement, you are the product being sold.  Are you willing to donate proprietary   information about your company and your customers to use these “free”   services?  We urge our clients not to mistake simplicity or inertia for a   good business decision. Keep your data under your control. Even third-party, paid providers are not always a safe bet; for more information on this topic, see What should your business learn from the Epsilon security breach?

          Trap #1: Beware discount mega-hosting providers and off-the-shelf website management solutions

It might be tempting to sign up with one of the huge website hosting   providers like GoDaddy.  After all, fees as low as $3 per month are   naturally attractive.  But ask yourself about the quality of service you   get for that price.  These companies don’t make money by dedicating   resources to high-quality service – the math simply doesn’t work out.    We recently encountered a new client who was unwittingly running their   website on a platform that was three years out of date and vulnerable to multitudes of widely-published security holes.

Your website is an important component of your business.  Is it wise   to skimp on a few hundred dollars and risk a breakdown?  Bulk service   seems great when it’s humming along, but if something goes wrong you   could incur a lengthy site outage, damaged client relationships, time   and cost to fix the problem, and extreme frustration.  Our web   development and hosting partner Online& actively monitors its   systems daily and applies necessary updates as they become available, at   no additional charge to clients.  It is simply the right thing to do.

The same conscientiousness has driven the development of our custom   website management system, designed specifically for the alternative   investment community.  We offer a tiered set of solutions in conjunction   with our strategic partner Online& LLC.    This modular, scalable suite of services robustly supports marketing,   investor relations, compliance, and data security requirements for   investment management firms and service providers – at a lower cost than   other general-purpose products like Drupal, WordPress, and Joomla.  We   invite you to learn more.

If you have any concerns about the security of your own website   platform, or are ready to move up to the next level of functionality, we   welcome an opportunity to discuss your questions.


1 A small sampling: Sony Attack Shows Amazon’s Cloud Service Lures Hackers at Pennies an Hour (May 16, 2011) Microsoft business cloud customers suffer email outage (May 13, 2011) Sony’s Security Breach May Be the Biggest Personal Data Heist in History (May 4, 2011) After Breach, Companies Warn of E-Mail Fraud (April 4, 2011)

2 “Free” and “open source” are not necessarily equivalent, but may be considered interchangeable for our purposes here.

Sincerely,

Holly Singer, President, HS Marketing, LLC www.hsmarketing.com

Princeton Junction, NJ 08550 | tel. 609.275.1303