Security experts have long bemoaned how difficult it is to get users to care about security; even technical users who already have a basic understanding of security and privacy issues. But, over the last year, consumers have become increasingly aware of the importance of security and privacy to their everyday lives. If anything good comes from the Equifax debacle, it will be an increase in the awareness of privacy issues among ordinary users.
That presents an opportunity for any company that handles sensitive data, including web hosting companies. Historically, businesses have invested the bare minimum into security and privacy because, in the short-term, it wasn’t an effective way to attract new business. That’s changing, and web hosting providers who show they are serious about data privacy will have an edge over the competition.
It’s important to understand that there is a difference between security and privacy, a difference that is conceptualized in the emerging field of privacy engineering. It’s not enough to convince potential customers that a web hosting provider’s networks and servers are secure: customers also have to be confident that the hosting company itself isn’t about to breach their privacy rights by selling their data.
Web hosting providers have always touted their security credentials, but privacy engineering goes further. It makes privacy a core concern to be incorporated into operations and processes throughout the business. In an ideal world, companies shouldn’t be able to access private information, even when it’s sitting on their servers.
That’s probably a step too far for web hosting providers, but most hosting providers are perfectly capable of giving privacy concerns a larger role than they currently have.
What does that mean in practical terms for web hosting providers?
Focus on privacy, not just security: When customers choose a web hosting provider, they want to know their personal and business information is protected by internal controls — often because the privacy of their customers is a function of how much their hosting provider cares about privacy.
Security is still vital: Of course, security remains a vital part of maintaining privacy. Make sure servers, networks, and software are updated in good time (customers would be amazed how many hosting companies don’t bother). Use malware scanning and outbound spam detection to catch compromised accounts early.
Take responsibility for web hosting customers' security and privacy: Historically, web hosting providers have been hands-off where security and privacy are concerned. If the customer messes up, that’s on them. I understand why that’s the case, but managed security services that help hosting customers protect their data are a win.
Use your privacy credentials to attract customers: Privacy is fast becoming a competitive advantage, so don’t be coy about it. Make sure leads know that privacy engineering is tightly integrated into the organization.
As mentioned in beginning of this article, one reason web hosting companies don’t make a big deal about privacy is that there’s been little pressure to do so, at least at the consumer end of the market.
But, going forward, privacy will become a major competitive advantage, and companies that take privacy seriously, both in their operations and in their marketing, stand to gain a significant advantage.