Data protection, open-source, and millions worth of goodwill

Hricha Shandily


Data protection and privacy have never stopped being a developing topic. We recently came across an unfortunate data breach incident, which made us want to revisit the topic.

Most of us depend on software and tools provided by others for a variety of tasks across engineering, marketing, ops, and others. This, in turn, means that user data is sometimes managed by cloud providers. That is totally okay as long as the provider follows relevant laws and policies around shielding the personal information customers share. Still, somehow, sometimes, some things slip through the cracks.

The one thing Cloud Computing lacks

Cloud computing has been a sigh of relief for all of us over the past decade or so. SaaS brings a lot of flexibility, expertise and cost-cutting to the table. Overall, cloud providers give a nice and managed experience. While that is convenient, they also act as the processors of your customer data. This is usually okay, unless a single incident can shake you. At least, that’s what these stories have told us:

  • In a very recent incident, OpenSea fell victim to a data breach caused by an employee of one of their cloud providers: customer.io. OpenSea immediately warned its users and issued guidelines on how to keep the compromised information from affecting them negatively.
  • 4.9 million DoorDash users suffered a data leak caused by a third-party service provider.

21% of businesses store most of their sensitive data in the cloud. 40% reported a breach in 2020. That sounds concerning.

Can open-source save the day?

Short answer: yes.

Longer answer: depends on your resources.

Privacy concerns are rising everywhere. So, one of the better solutions is ensuring your customer data doesn’t leave your premises. This is where open-source software can help.

All you have to do is find a relevant open-source tool of your choice and self-host the software. This way, you can benefit from the expertise of the OSS provider, tailor the software to best suit your needs, and of course, put yourself in charge of your customers’ personal information (no third parties involved).

Here are some more encouraging things OSS brings along:

  • Open-source software relies on transparency.
  • You’ll benefit from the community of open-source contributors.
  • There are tools to help you identify vulnerabilities in your software.
  • You’ll be responsible for your software and security updates.

That said, cloud providers do help with a managed product and customer service experience, usually for a subscription fee.

Cloud and open-source software both come with their own sets of pros and cons. While we support both, self-hosted software does enable you to own your user data completely.

So…

While there are laws to prevent cyber attacks, it is hard to be completely protected. That means data security is not so easy to maintain for anyone, whether it is you or a vendor.

So, what we do support and recommend is taking responsibility for your users’ trust. Whether you go for SaaS or a self-hosted solution, having your own data protection mechanisms in place, such as access control, data masking, and auth, will always help.

We are all built on the trust that our customers and clients place in us. This is why it should and will always be a priority.

To making the web a sacred space for all. ✌️