Libel that lingers: Online reputation management
Estimated reading time: 6 minutes
I have been saying for a while now, online reputation management will be the next big business opportunity over the coming years. Today, I’m even more certain of this opinion after having suffered an attack against our reputation here at Zyncro.
I’ll explain what happened. A few weeks ago it was decided to analyze the security of a new platform we were going to launch in conjunction with an important client. The said platform was not yet in production, so it was the ideal time to conduct a thorough security test.
The test was carried out and a series of vulnerability issues were detected that we had already found and corrected in other platforms. We proceeded to carefully study what the security company was saying in case anything else should crop up and we had the detected incidents corrected within 48 hours without any major problems. Let me to remind you that the platform was not yet up and running and no client could access it.
Everything was all right up until this point, but on Friday, we found that the auditing company, Internet Security Auditors, had published the study in a security forum. It doesn’t say much about that company. It was a confidential report that they had been requested confidentially, which means that publishing it goes against any code of ethics and can lead to legal repercussions against them. Nonetheless, the report clearly states that the potential problems have already been corrected. Here you have a link to the report.
If it had ended here, there would be little else to tell but then came the libel online. One of our competitors had created an article in a blog on Tumblr about what had been published in Menéame. The blog is called Seguridad en la Red (Internet Security) and the article criticizes Zyncro’s architecture, describes all of its weaknesses and doesn’t make any reference to their correction. The blog article does not allow for any comments to be made, nor is it signed and it is the only article to be found in this spectacular blog. Objective: to damage Zyncro‘s reputation.
Of course, later the company and some of its friends decide to retweet it in order to give it maximum coverage. Take into consideration that most of us who tweet, do so without verifying sources (myself included) and that very few people will verify the original information source, it being very technical and in English*.
This technique also aims ‘to provide positioning’ when the words “Zyncro Security” are searched for.
What should be done when faced with this type of defamation?
In my opinion, a direct response should be made by taking the bull by its horns; indirect and sideline replies are of no use. The Actimel case comes to mind whereby the product was attacked in an email containing a pack of lies that were supposedly backed by scientific research (without links to their sources). I think the company took far too long to provide a clear response and even regular customers began to doubt whether what was said was true or not. This is how strong defamation can be. They sow doubt about your product or service in the minds of previously peaceful and convinced people.
As a guide of steps to take, I recommend:
- Don’t reply in the heat of the moment, allow a few hours to pass (not days or weeks) in order to think out the response well.
- Do it in a calm and serene manner, explaining the facts clearly.
- Don’t give a counter-attack response that does not state fact. For example, publishing a technical article today on Zyncro’s security would probably not be enough; it could even cause further doubt. But for those of you who would like to know more about our security, here you have a good document (that we have not put together today) http://my.zyncro.com/files/Sjuixte
- Try not to be annoyed, I didn’t manage this one… It’s a good job I have a sensational team and a master of positive thinking for a business partner who managed to calm me down.
Let me to conclude by reminding you all that Zyncro’s 2.0 spirit enables us to employ a philosophy of total transparency in all areas. How many products in the cloud make their availability and service level public? I can assure you without a doubt that they are few and far between, our technical architecture allows us to have high availability and security. To those of you who are cloud software providers, I recommend status.zyncro.com. It doesn’t take much effort and provides a great deal of transparency.
*This blog post was originally written in Spanish (Sources of the links have not been verified)