Security Questions


2 Votes
3 Answers
2.64K Views
Is it safe to use cloud services like Dropbox and Google Docs to store sensitive documents?

I'm exploring safe places to store my startup's intellectual property. These could be anything from vendor lists to investor term sheets, etc.Should I trust cloud service providers like Google and...

asked Jun 11 '15 at 18:14
Blank
Brenda Tanner
14 points

4 Votes
3 Answers
6.79K Views
Why are code-signing (and SSL) certificates so expensive?

I was looking for cheap code-signing certificates, but all I saw were over $100/year. I think the same applies to SSL certificates. I read some references to insurance coverage amounts, maybe to...

asked Oct 1 '11 at 02:40
Blank
Nestor Sanchez A
690 points

1 Votes
1 Answers
4.06K Views
Will consumers expect a SSL secured site as a default standard, even if your site doesn't do financial transactions?

More and more startups seem to be using SSL sites as the default (even for their logged out states). Is this a trend to provide better privacy for consumers that has become the norm?SSL definitely...

asked May 5 '14 at 13:21
Blank
Karen Russ
7 points

0 Votes
0 Answers
1.71K Views
Strike a balance when answering customer security questions

We have a free B2B Saas offering - we are young company and still getting established and we get asked questions on a daily basis about security. The questions we get asked almost daily are things...

asked Nov 6 '13 at 21:44
Blank
Bhttoan
735 points

1 Votes
2 Answers
3.33K Views
Risks of a website that lets users meet up?

I'm looking into creating a website which would be based on users meeting up (nope, not another dating site!). The obvious worry here is users meeting crazy people and bad things happening. Is...

asked Mar 25 '12 at 06:55
Blank
Mike Lentini
108 points

0 Votes
3 Answers
2.1K Views
Security as a monetization option

Given a "Could file sharing" service, is it feasible to provide non-secure (http) service for free, whereas if you need to store and transfer important data, you pay for secure service (https) a...

asked Apr 3 '12 at 23:34
Blank
Maxim V. Pavlov
217 points

9 Votes
6 Answers
6.01K Views
Legal or Ethical Responsibility to Safely Store Passwords

I'm working as a technical advisor to a start-up company. The company licenses its product (a web and mobile application) to large groups of people who then use it for a relatively short period of...

asked Nov 23 '11 at 23:40
Blank
Yuck
257 points

3 Votes
7 Answers
2.63K Views
What do you build in your e-commerce site to gain consumer trust?

I'm co-founding a start-up that is developing an e-commerce app. We're trying to decide what features to build in that shoppers would expect to see in order to feel comfortable submitting credit...

asked Oct 8 '11 at 05:15
Blank
Frank
16 points

4 Votes
4 Answers
2.7K Views
SSL Certificates

For an e-commerce site accepting payment information, I am being told I need to get an SSL Certificate. My hosting provider offers it for $99/year plus $25 initiation. Prices vary greatly -- e.g....

asked Oct 4 '11 at 06:27
Blank
D Moore
174 points

1 Votes
3 Answers
2.25K Views
Security breach and data loss insurance?

I would've thought that this is the #1 requested insurance for businesses. However, I cannot find much information if such insurance exists. Errors and Omissions insurance does not cover security...

asked Aug 27 '11 at 23:19
Blank
Igorek
886 points

3 Votes
4 Answers
3.19K Views
What are the best practices to protect sensitive user data from being misused by the engineers in a start up?

If a start up is storing sensitive user data in it's databases, how should the company protect it from it's engineers accessing it unnecessarily and misusing it?

asked Aug 17 '11 at 16:27
Blank
Sabya
116 points

2 Votes
2 Answers
2.22K Views
What QA & security steps to take before launching web app?

I've seen plenty of questions dealing with beta testing, marketing, market research and so on. My question is which practical quality assurance and security steps should a web app or service make...

asked Jun 19 '11 at 22:53
Blank
Joe
121 points

3 Votes
2 Answers
3.6K Views
What's the most efficient and cost-effective way to become PCI compliant?

I'm working on a business-to-business web app. About a year ago we gave our users the ability to charge credit cards (from customers calling them over the phone) directly within our software...

asked Jan 6 '11 at 04:16
Blank
Alex Cook
641 points

4 Votes
7 Answers
2.41K Views
Should security updates be free?

A customer has found a serious security flaw in my software, over a year after their support period has ended. Should I provide a free update? The upgrade price is substantial, so I don't want to...

asked Jan 12 '11 at 23:32
Blank
Steve Hanov
596 points

1 Votes
6 Answers
2.38K Views
New Web App / Website - Authentication

(Not sure if this was a programming or startup question, but I will ask you guys) Authentication on a new website: Should I go with OpenId, or use my own Forms-based authentication. My website is...

asked Oct 26 '10 at 22:55
Blank
Martin
1,340 points

2 Votes
3 Answers
2.18K Views
Website security

Last Saturday my site received an unusually high volume of brute force attacks. Yep, those darn teens from Western Europe or smart scripts from academic towns in Siberia, trying tirelessly to break...

asked Oct 13 '10 at 00:32
Blank
Usabilitest
1,698 points

7 Votes
5 Answers
6.56K Views
Verisign vs. Thawte? Looking for advice

Our SSL certificate with Thawte is about to expire and I was wondering if this is still the best route. Any recommendations?

asked Oct 6 '10 at 07:24
Blank
Chris
4,214 points

0 Votes
3 Answers
1.84K Views
How to Secure A CD Product

I have an idea to launch tutorials on CDs but is it possible to bypass someone being able to just burn the disc? I was thinking: Incorporate something that uses an online account so they must log...

asked Jul 21 '10 at 23:40
Blank
Dr. Khan
27 points

3 Votes
6 Answers
4.13K Views
Separate Banking for Personal and Business

Are there any advantages to banking at different institutions for your personal and business accounts? If so, what's your strategy? Are there any disadvantages? I was initially thinking along the...

asked Mar 12 '10 at 19:23
Blank
Clint
695 points

2 Votes
3 Answers
2.31K Views
No-touch sign up security risk?

My SaaS startup is considering implementing a new sign-up procedure, but we're worried about security and false accounts. Current Method Prospect fills out free trial form We get an email from...

asked Mar 4 '10 at 23:48
Blank
Rich
61 points