About once a year I get an email from someone working in a security and compliance department at a large organization asking that I fill out a detailed security questionnaire to help them assess the risk of their employees using Preceden.

I received one recently from a large, well-known company in Europe. In addition to an NDA, they asked I fill out a lengthy security questionnaire.

Here’s a sample:

It’s tough because they would wind up being one of Preceden’s largest customers and the deal would move the needle on Preceden’s revenue in a big way.

But, because I’m the only person working full time on Preceden and these security questionnaires come up so infrequently, it just hasn’t made sense for me to go through the process of getting a formal security certification which can cost tens of thousands of dollars and take months of work to complete. I know there are services like Secureframe these days that can help businesses get and stay compliant, but it would still be no small project to complete and it would come at the expense of lots of other product and marketing initiatives — and likely my sanity as well.

Maybe one day I’ll pursue a security certification and get all this paperwork in place, but not today.