Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

This is how to fail

By Tim Mitchell,

Today we have a guest editorial from Tim Mitchell as Steve is on vacation.

Along with risk comes the inevitability of failure.  With few exceptions, every organization and every person will, in time, experience some form of failure.  We all hope to prevent and avoid the kind of colossal failure that presents a do-or-die moment for a business (or career), but when those moments do come, it's important to fail properly.  Even when the unthinkable - a hack, a dropped production database, a loss of data - happens, it's critical to respond properly to minimize the damage and clearly communicate with those affected by the disaster. 

When I first read the news about the massive Buffer hack recently, I was nervous.  I have been a Buffer user (albeit a relatively inactive one) for a few months, and since I have several social media networks connected through Buffer, I was concerned that those accounts may have also been compromised.  I quickly learned that my account was not impacted, but immediately I was impressed with the way Buffer handled the whole mess.  It was bad - some 30,000 users were affected (out of a total user base of over 1 million) by the hack that allowed spammers to post message to the Facebook accounts of the affected users. 

Regardless of how the issue was handled, it was going to be ugly at the end of the day.  However, Buffer did a fantastic job of minimizing the damage in the way they responded to the breach.  Within a couple of hours of discovery of the hack, Joel Gascoigne, CEO of Buffer, owned the failure by notifying Buffer users via email as well as through his blog and other social media.  In a message entitled "Buffer has been hacked - here is what's going on," Gascoigne admitted that there had been a breach, described the symptoms of affected accounts, and listed for users what they should do in the meantime to prevent any further spam postings.  Even though they didn't (at that time) know exactly what had led to the hack, he repeatedly apologized on behalf of Buffer without trying to make excuses or shift blame.

In the hours and days to come, Gascoigne repeatedly updated Buffer users, via email and through his blog, on what they had learned about the breach, how it happened, and what users needed to do to resume normal operations with their Buffer accounts.  The information he shared was both detailed and transparent - he didn't try to hide behind vague explanations or invoke confidentiality.

Did he handle this failure properly?  A quick perusal through the comments on his blog post show an overwhelming collective message of support and thanks.  There is no doubt that this breach cost Buffer some users, very likely some of which were paying users.  However, the public response in support of Buffer shows that rapid response, clarity and honesty in communication, and taking responsibility for failures goes a long way when the worst happens.

Failures will come.  How we address those failures is often as much of the story as the failure itself.  Fail the right way.

Total article views: 280 | Views in the last 30 days: 2
 
Related Articles
BLOG

Weak Passwords Discovered in the 10,000 Disclosed Hotmail/Live.com/MSN leaked accounts

By now, hopefully everyone has heard of the security breach where accounts and passwords were found ...

BLOG

Some Thoughts on the Target Breach

Possibly as many as forty million credit cards used at Target were compromised. A staggering breach ...

FORUM

Data Breaches

Data Breaches It's almost a weekly news item. A data breach occuring somewhere in the world that m...

FORUM

Buffer Cache

Buffer Cache

FORUM

Bad Breaches

I saw a slideshow about the worst data breeches and there are some interesting ones on there. Mo...

Tags
editorial    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones