Creating a Secure Development Framework
Introduction
In order to achieve business goals, organisations frequently have to develop bespoke application solutions or customise commercial off-the-shelf (COTS) packages. These range from complex back-office database applications, CRMs and asset management systems to customer-facing fat and thin applications. Corporate web-applications offer anything from a simple brochure request to a full e-business implementation.
Increasingly, these bespoke systems are exposed to larger and less trusted user-bases, from extranet business partners to the general public at large. Not only are they providing access to key assets and data, in many cases they are the business critical assets. In the case of software or service providers it is therefore vital that the security regime applied to the IT infrastructure is matched, and indeed exceeded, by that applied to the applications themselves. If not, then the applications may prove to be the Achilles Heel in an otherwise secure environment.
© Copyright 2000 - 2004, Corsaire Limited. All Rights Reserved