|
This is why ISVs need to start implementing security into their software development lifecycles and be more transparent as to what they are doing to keep data safe. This is only going to happen if we as security practitioners and customers press vendors to start producing more secure software. And if the past is any indicator, acting as customers will be far more effective. Practitioners can have a deep impact, especially from the angle of driving down support costs, but what really gets the attention of marketing and sales departments is customers demanding feat...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
ures.
Years ago, someone asked Mark Graff, author of Secure Coding, when the company he worked for would stop making "such crappy software." He answered, "When you stop buying it." It was irate customers who pushed Microsoft into starting its Trustworthy Computing initiatives, and it will be irate customers who will push Web application vendors to start taking security seriously. It is up to us to teach those customers not only what they are missing so they know what to ask for, but also that the little lock icon is not enough to keep their data secure.
|
 |
|
