Social Entrepreneurs rely on service providers to help them with operations, however these companies might be doing you more harm than good, as I recently discovered. My inexpensive web hosting plan with Profit Bricks suddenly turned into a small fortune when I was billed for exorbitant charges.
Profit Bricks dashboard did not update "Current Costs"
On June 22, 2015 I got a call from Profit Bricks warning me that the server had been hacked and I had consumed 10 Terabytes of bandwidth. Not being a technical person, I immediately went to the Profit Bricks dashboard and the current bill showed $150 dollars. I thought to myself “not that bad.” I am just going to turn it off and call the tech contractors to fix the issue, then I turned the servers off from the dashboard. I kept checking the cost for two days and it did not increase dramatically. A day later, I received another call from Profit Bricks telling me that the server was still using Terabytes of bandwidth. I explained to them that I had turned it off the day before from the dashboard, to which he replied that the server was still on and consuming bandwidth, at that point I asked him to turn it off from his end. The server was finally turned off from their side.
Security infrastructure is not provided by Profit Bricks
After the incident was over, I discovered that there was no firewall, no security infrastructure and it was all my responsibility according to Profit Bricks. Additionally, I have no way of knowing if the hack happened on my application or their servers. At the end of the month, Pymerang’s bill was $2,789.02 instead of the usual $150 approximately.
Our personal assets at risk according to their aggressive collection agency
When we thought things could not get worse, well… they did
We established communication with their sales personnel, then it escalated to Finance and Executive Operations, all explaining, begging and requests for discounts were denied because Profit Bricks established that they provide infrastructure as a service and not managed hosting therefore security was entirely Pymerang’s responsibility. Profit Bricks has followed their collection process and we are now in a situation where we might be sued personally risking our personal assets.
When Pymerang.com began in December 2011, it was created to disseminate entrepreneurship and business management information in Spanish. Most of the available information is created and posted in English, creating a big knowledge and mobility gap between the haves and the have nots in Latin America. The haves are able to speak and read English and they have access to all the resources available online; in the meanwhile the have nots are limited to the Spanish offerings which are not as cutting edge or robust as the English ones. Pymerang’s mission is to get quality information and resources to the Spanish Speaking only readers.
A good cause with a bad outcome
For the first two years, Pymerang was hosted with Rackspace and there was no issues at all. The infrastructure was good, the security was good, the service was good, everything went smoothly. In mid- 2014, a new company called Profit Bricks showed up promising flexibility, more control and lower costs. With Pymerang being an initiative, not designed for profit, we jumped into the opportunity to save money that we were funding personally.
A single decision to save money and switch hosting companies lead us here, as a business Profit Bricks might be in their right to collect the money. I truly do not know how the hacker got into the servers. We will probably end up having to pay the price of making a decision without getting informed about the security caveats that came with a lower price.
The lesson: Make sure you understand what you are getting and what your responsibilities are regarding your hosting provider.