Early in my HP career, before jumping into privacy, I took extensive training as a Total Quality Control (TQC) Coach. The concepts of TQC - taking the time to build a process or product in the optimal sequence with the 'right' elements, mirrors the famous missive, "build it in, don't bolt it on", often applied to incorporating security and privacy needs in product development cycles, cloud security and even business operations. 

A TQC-type approach can be the key to privacy and security compliance for small and medium companies that struggle with the demands of tight resource allocation while executing necessary business initiatives; when only a few projects can be chosen. These businesses strive to balance growth and compliance, ethics and innovation, survival and investment. The pressure comes from the top - investors, the sides - partners and customers, and the bottom - employees. It takes a virtual village to meet the challenges of building a small business while meeting the security, privacy and compliance demands from clients, customers and their own employees. 

A commitment to mission and opportunity goes hand in hand with building privacy and security standards at the beginning of design and development processes. Businesses that think and operate that way have an advantage. And, it combats ideas like "we do it quickly so please don't add extra requirements" or "we'd rather gamble because no one cares about our tiny company".  

When businesses prioritize and apply TQC concepts to incorporate and build confidence in their privacy and security compliance baseline, they thrive, customer interests are served and the business grows.