Why it’s important to bury your head in the sand

Posted by Philip Bindley

At The Bunker we work with a wide range of businesses that are at very different stages of their growth. From well established brands serving major financial services organisations, healthcare and governmental organisations. The shared values we have with our customers are based soundly on a set of beliefs that Information Security is a fundamental factor in growing and maintaining a successful business. As we put it in our philosophy that “Information Security should enable businesses to be more competitive, manage risk, protect brand and allow innovation in a controlled manner”.

This has never been more of a compelling philosophy in the environment in which we all operate today. With Cyber Security high on the agenda of board meetings (finally!) and Cyber Risk being a key factor in business planning. For those that are starting out on a journey to build a new business or a new set of services to not start as you mean to continue is an approach that will not necessarily lead to disaster but will certainly introduce risk and inevitably cost as consumers and your supply chain insist on tangible evidence that you are “doing it right”.

That’s why we have introduced our Sandbox products to allow organisations to bake the controls and auditable assurance into their infrastructures and platforms from the get go. With the support of both Intel and Lenovo and based on our experience and insights from working with customers that operate in the most highly regulated and compliance driven markets, we have created a low barrier to entry for those who see that building on firm security foundations and principles will enable them to accelerate their growth.

It’s a fairly straight forward principle to convey and akin to a well-established process that “should” be familiar to those from a software development background. The Software Development Life-Cycle (SDLC) should be a process that involves the testing of the code to ensure that vulnerabilities do not exist. This should not be a “final step” but a periodic check at significant points in the SDLC. To leave the security testing to the end risks having to reverse engineer security into the product and “break” other functionality already developed in doing so. That equates to cost and increased time to market. This is totally analogous to infrastructure and platform security, which should be there from the beginning, not only to protect businesses but to provide a seamless transformation from development and pre-production into the real world with real customers and real data.

Building a platform from day one in a way that easily scales as perhaps additional funding is received or as your first customers come on board is paramount to controlling costs and risk as you grow. We have a great case study of a business that we have worked exactly in this way with (Trust-hub case study).

The sandbox products allow you to start small, scale easily but have all of the support you need to maintain, monitor and manage your environment and provide the security controls that may seem superfluous when the focus is rightly on getting the product to market but will be essential for your continued success in the future.

I’m sure you, as have I, have had many moments in business and in life where a situation has arisen and you have an “if only I had thought about that earlier” moment. The sandbox is an opportunity to those that want to at least try to cover off some of those Homer Simpson moments and avoid the consequential “DOH!”

We all operate in a highly competitive market and speed to execute and to focus resource and investment into the right areas is key. Avoiding the costs of teams to run the underlying nuts and bolts of a technology platform, providing evidenced security without having to do it yourself and sharing the insight and experience of others is a simple recipe to follow and helps our customers succeed in the things they are great at.

To end on a lighter note and harking back to the great yellow man himself a quick quote:

“This year I invested in pumpkins. They’ve been going up the whole month of October and I’ve got a feeling they’re going to peak around January. Then bang! That’s when I’ll cash in.”