The new security plan is a five-pronged effort:
After reaching a resolution, we spent today working on a go-forward plan to ensure that this never happens again.
Plan
1. Hire a Chief Security Officer and associated staff that will focus solely on issues relating to information security.
2. Have regular 3rd-party infrastructure & application security audits.
3. Continue to invest in systems to aggressively filter out sensitive information.
4. Control caching of information in search engines.
5. Create a security and privacy center that contains information about what we are doing to protect you.
The security of our users is our highest priority. If there are additional measures you would like us to take to improve Blippy’s security, please do not hesitate to email us at hello@blippy.com. We will personally respond to each and every recommendation.
Reading this list, I wondered why some of these measures were not implemented on day one. They’re a small start-up, so I understand not having a designated Chief of Security yet, but they should have had a security and privacy center (because of the high volume of sensitive information) and a closer relationship to search engines. Of course, that old cliche: better late than never, certainly holds true here. Conclusion, it’s thin on details but if executed properly, it could go a long way in restoring trust and persuading new users to come on board.
No comments:
Post a Comment