Thomas King

Does a Minimal Viable Product Need Any Security Considerations? YES! (Cloud Computing)
I really like the lean startup movement. It is result and data driven, and leads quickly to products customers want. One big building block of the lean startup movement is a so-called minimal viable product. The concept of a minimal viable product means that you build a product with a minimal set of features that might not be completely finished and you show this product to your potential customers so that they can give you feedback about it. You use this feedback to improve your product and add the features customers ask for.

If you just started working on your startup and you just finished your minimal viable product please think twice: Did you add security to all the parts of your minimal viable product that work with sensitive customer data?

I consider security a critical component of a minimal viable product that handles sensitive customer data because if you do not have security in mind while building your minimal viable product it might happen that your customers will sue you before you get of the ground. For instance, if you are storing loginnames or passwords of other cloud services or bank account information and this data is lost because you got hacked your customers will turn on you and make sure there is no version one of your product.

I am not saying that you need a multi-layered, very complex security concept already implemented in your minimal viable product. However, I am saying provide basic security measures for the sensitive data of your customers. These first steps already made during the work of the minimal viable product will help you adding more relevant security features while your product grows. And the basic security measures let you manage the security risks you are facing during the early versions of your product.

I am not telling you this story out of the blue. At a startup a friend of mine works it happened that they got hacked a couple of weeks ago. However, because they had added a certain layer of security to their minimal viable product the hacker could not retrieve any sensitive data of customers. So, be aware and think twice of security!


This text represents my personal opinion and has nothing to do with any company I associated with.
Posted by Thomas King at 22:38 2013-07-25 | Trackbacks (0) | Comments (0)

• Description

  • My personal blog ... ;-)

• Archives

  • Index
  • January 2014 (1)
  • October 2013 (1)
  • September 2013 (2)
  • August 2013 (2)
  • July 2013 (2)
  • April 2011 (1)
  • March 2011 (4)
  • February 2011 (1)
  • January 2011 (4)
  • December 2010 (3)
  • November 2010 (2)
  • October 2010 (7)
  • September 2010 (5)
  • August 2010 (1)
  • July 2010 (1)
  • June 2010 (2)
  • May 2010 (3)
  • March 2010 (1)
  • February 2010 (1)
  • January 2010 (1)
  • December 2009 (3)
  • November 2009 (2)
  • October 2009 (1)
  • September 2009 (3)
  • June 2009 (11)
  • May 2009 (5)
  • April 2009 (2)
  • February 2009 (2)
  • October 2008 (2)
  • August 2008 (2)
  • July 2008 (3)
  • June 2008 (2)
  • April 2008 (4)
  • March 2008 (3)
  • February 2008 (2)
  • January 2008 (2)
  • December 2007 (3)
  • November 2007 (5)
  • October 2007 (2)
  • September 2007 (7)
  • August 2007 (6)
  • June 2007 (1)
  • February 2007 (2)
  • January 2007 (1)
  • December 2006 (2)
  • November 2006 (6)
  • August 2006 (4)
  • July 2006 (4)
  • June 2006 (3)
  • May 2006 (2)
  • April 2006 (1)
  • March 2006 (7)
  • February 2006 (3)
  • January 2006 (3)
  • December 2005 (3)
  • November 2005 (1)
  • October 2005 (3)
  • September 2005 (5)
  • August 2005 (4)

• Categories

  • Android (21)
  • Cloud Computing (7)
  • DE-CIX (8)
  • General (50)
  • JSTUN (12)
  • MobileKnox / Safe (40)
  • Ph.D. studies (34)

• Authors

  • Thomas King (172)

• Feeds

  • RSS 2.0