A little while ago I posted asking the question “can you really trust a bootstrapped startup”. I received a number of comments on the post, most of which came from the perspective that trust isn’t an attribute that results from how a business is funded, it’s something built through actions, professionalism and design.
The most scary comment cam from Dan, his tale of woe went thus;
Check out this excerpt from an email I received from a very well funded high profile startup (who shall remain nameless…)
“Yesterday morning we had a major server outage affecting our 1.0 customers. We completely lost one of our database servers. The day was spent rebuilding and restoring everything we possibly could.
There were a handful of accounts that the restore completely failed on. Yours was one of those accounts. We have exhausted all available avenues for restoring the account data with no positive results.”
This proves that even well-funded startups can make the most basic and fatal of mistakes.
Dan’s perception was that, given his experience, it’s not about trusting a bootstrapped start-up or not – it’s about trusting any start-up.
But let’s look at the extension of this which is, of course, that the real problem is trusting something that sits anywhere other than on your premises. We already know that enterprise has real concerns about a move to SaaS, in part this is due to concerns about data security – sure we never here about the good stories, only the vary rare occasions when things go wrong (as in Dan’s example above), and sure most data losses happen on poorly configured and maintained machines sitting on site.
There’s no easy answer to the perception of security issues – the entire SaaS industry needs to get together to ensure all entrants play by a common set of rules around data portability and security. In a nascent industry such as SaaS, all players will gain from a higher aggregate level of execution.
Perhaps the time has come for a neutral and universal set of standards for web based hosting and storage to ensure that we protect the entire industry from the threat posed by poor execution on the par of a few.