Technical glitches have frustrated millions of Americans looking to sign up for insurance at HealthCare.gov and tarnished an already bruised White House reputation. But as a business owner, you know snafus can happen with any product launch. Here’s what you can learn from the botched ObamaCare rollout.
Whether rolling out a new Website or app, experts advise your mantra should be “slow and steady.”
“The government underestimated the complexity of the project,” says Ehsan Foroughi, director of research at Security Compass, an IT security company. “The system is interacting with so many other systems and was rushed.”
According to computer experts, one of the biggest mistakes the White House made -- and small business owners can avoid -- is setting a strict deadline for when the Website had to be up and running. While it’s important to launch things in a timely manner, experts say setting a deadline for something complex ultimately sets the project up for failure.
“With bigger projects in our company we try to never set fixed dates for a software project,” says Foroughi. “It’s really hard to put a hard deadline for such a big project (as the government health exchange).”
What’s more, Foroughi says small business owners should never try to roll out their new initiative in mass, but should opt for a slow rollout first. For instance, he says if a small business is launching a website that takes payment it’s a good idea to make it first available to a small group with less features, and slowly increase the size and the functionality the customers are able to use.
“You have to fix the bugs that might come along and you can’t predict the issues that might come,” says Foroughi. “You have to be able to tend to the glitches otherwise you get into firefighting mode.”
Limited access to the government’s health exchange was undoubtedly frustrating for many, but what got a lot of attention were the questions about security holes potentially putting people’s sensitive data at risk. While there is no evidence that any personal information was compromised, even the rumor of its possibility is ringing alarm bells. According to a CBS News report, top-to-bottom final security tests of the Website were never completed before it went live.
“The issue was they did not do the proper security testing,” says Alex McGeorge, senior security researcher at security firm Immunity. “They rushed it out in order to meet a deadline and as a result the privacy of the users are at risk.” The government can eventually recover from that, but for a small business, data breaches -- particularly if its sensitive customer information -- can spell the demise of the company.
In order to avoid a security breach from happening and damaging the company’s reputation, or worse, putting the company under, McGeorge says security has to be a priority from the start for any Internet-based project.
“Having delays are better than compromises,” says McGeorge. “Delay it [if] you haven’t done security testing. It’s better to release a product late than to put users at risk.”
Making security a priority from the beginning is extremely important, but it’s not the only thing small business owners should be doing. According to McGeorge, security reviews of the product are essential and should be done by a third party, whether its developers who haven’t worked on the project or an outside security firm. With any product launch there needs to be other sets of eyes looking at it to make sure there are no security vulnerabilities.
“No matter how good they think it came out, there’s always something people missed,” he says.
Once the software is live, McGeorge says the small business owner should do security reviews periodically, or whenever new features are added, and fix any functionality bugs.
“With software changes you need to continuously do security reviews. That’s how you stay on top of it,” McGeorge says.