Guest Post: Holly Singer, President of HS Marketing, a firm dedicated to helping firms in the alternative investment community achieve lasting impressions, contributes with to The Final Meeting with marketing advice for hedge fund managers and service providers.
Prompted by questions from some of our hedge fund manager clients regarding the recent headlines about data security breaches and “cloud” computing catastrophes1, we are writing to offer some suggestions about how to protect your company’s valuable information on your website.
Tip #1: Adopt open source web solutions
You might wonder, “Who in their right mind would trust their firm’s website to run on free software?”2 In fact, 66% of websitesare hosted on open source Apache server software. Microsoft’s platform, the second most popular, has only an 18% market share. Apache-powered sites include Apple, Goldman Sachs, Booz Allen Hamilton, CNN, eBay, Ticketmaster, ESPN, Cisco, PayPal, Twitter, LinkedIn . . . the list goes on.
Some of the benefits of open source solutions include:
- transparency of security methods
- development communities that attract some of the best minds from business and academia
- natural selection – only quality sustains open source software, not marketing or monopolistic strategies
- no license compliance or renewal issues
Tip #2: Avoid “free” commercial solutions
This advice might seem to contradict Tip #1. But it doesn’t. Some open source solutions are offered for free, and the publishers generate revenue by supporting large corporate and government installations. One prominent example is OpenOffice, an excellent alternative to Microsoft Office.
Other “free” commercial solutions like Gmail, Google Analytics, and Facebook actually extract a significant hidden price. Their business model generates revenue from the information that users of their “free” services provide. It has been said that under this arrangement, you are the product being sold. Are you willing to donate proprietary information about your company and your customers to use these “free” services? We urge our clients not to mistake simplicity or inertia for a good business decision.Keep your data under your control. Even third-party, paid providers are not always a safe bet; for more information on this topic, see What should your business learn from the Epsilon security breach?
Trap #1: Beware discount mega-hosting providers and off-the-shelf website management solutions
It might be tempting to sign up with one of the huge website hosting providers like GoDaddy. After all, fees as low as $3 per month are naturally attractive. But ask yourself about the quality of service you get for that price. These companies don’t make money by dedicating resources to high-quality service – the math simply doesn’t work out. We recently encountered a new client who was unwittingly running their website on a platform that was three years out of date and vulnerable to multitudes of widely-published security holes.
Your website is an important component of your business. Is it wise to skimp on a few hundred dollars and risk a breakdown? Bulk service seems great when it’s humming along, but if something goes wrong you could incur a lengthy site outage, damaged client relationships, time and cost to fix the problem, and extreme frustration. Our web development and hosting partner Online& actively monitors its systems daily and applies necessary updates as they become available, at no additional charge to clients. It is simply the right thing to do.
The same conscientiousness has driven the development of our custom website management system, designed specifically for the alternative investment community. We offer a tiered set of solutions in conjunction with our strategic partner Online& LLC. This modular, scalable suite of services robustly supports marketing, investor relations, compliance, and data security requirements for investment management firms and service providers – at a lower cost than other general-purpose products like Drupal, WordPress, and Joomla. We invite you to learn more.
If you have any concerns about the security of your own website platform, or are ready to move up to the next level of functionality, we welcome an opportunity to discuss your questions.
A small sampling:
Sony Attack Shows Amazon’s Cloud Service Lures Hackers at Pennies an Hour (May 16, 2011)
Microsoft business cloud customers suffer email outage (May 13, 2011)
Sony’s Security Breach May Be the Biggest Personal Data Heist in History (May 4, 2011)
After Breach, Companies Warn of E-Mail Fraud (April 4, 2011)