Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Tech startups need to get serious about security

Kenneth Corbin | Sept. 11, 2015
Federal Trade Commission chair takes her message about security by design to the Bay Area, urging young companies not to let the rush to market overshadow critical consumer protections.

Ramirez is also appealing to tech startups to conduct threat assessments early on and in circumstances that will simulate how the application will function in the wild, effectively trying to hack their products before bringing them to market to ensure that the security features function as they were designed.

"Evaluate your product in scenarios that replicate how consumers will use it in the real world," Ramirez said. "Often there are financial incentives to rush to market, but make sure your security is ready before you launch."

Then, once the product is live, startups must remain vigilant about security issues as flaws are discovered and new threats emerge. Ramirez suggests that firms consider setting up a bug bounty program or designating a point person to serve as a liaison to the security community, someone researchers can contact when they discover a vulnerability.

"Bugs are inevitable," she said, "and when flaws are discovered, companies must have effective strategies for managing, addressing and learning from vulnerability reports."


Previous Page  1  2 

Sign up for Computerworld eNewsletters.