Here are some
suggestions that should be followed if we really want to improve our environments:
1. Stop depending on firewalls. Firewalls are no longer an effective single
countermeasure against attacks. Software vendors need to ensure that their
developers and engineers have the proper skills to develop secure products from
the beginning.
2. Act up. It is just as much the consumers??™ responsibility as the developers??™ to ensure
that the environment is secure. Users should actively seek out documentation on
security features and ask for testing results from the vendor. Many security
breaches happen because of improper configurations by the customer.
3. Educate application developers. Highly trained developers create more
secure products. Vendors should make a conscious effort to train their
employees in areas of security.
4. Access early and often. Security should be incorporated into the design
process from the early stages and tested often. Vendors should consider hiring
security consultant firms to offer advice on how to implement security practices
into the overall design, testing, and implementation processes.
5. Engage finance and audit. Getting the proper financing to address security
concerns is critical in the success of a new software product.
Pages:
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205