Summary: With data breaches on the rise, security becomes more important than ever. Is your company (unwittingly) putting your data at risk? Are you following best practices for data security? Learn 7 ways to better secure your data.
Modern developers are caught between a rock and a hard place. On one hand, businesses are requiring faster application delivery from their development staff. As software plays an increasingly important role in the modern business, developers regularly face impossible deadlines.
On the other hand, web application development is becoming more complex. For instance, as outlined in this article, modern developers must create applications that adapt to any device, port to any platform, integrate with other services, and withstand increasingly sophisticated attacks. Whew!
The big problem: With these changing requirements and growing demands for faster development, developers struggle to keep up. Certain development aspects are bound to fall through the cracks.
As it turns out, that is exactly what’s happening…with security. Despite the growing importance of proper security, many developers aren’t following basic security principles. How bad is it? According to this study from last year, 99% of applications have one or more serious vulnerabilities.
Today, let’s examine this problem. While I know we can’t address every security mistake developers make, we can highlight the most important principles. What basic security guidelines should every modern web developer follow? How can you protect your web applications from being easy targets for an attack? While the list could be much larger, I’ve rounded up 7 of the most important security tips every developer must follow, and listed them below:
Just when you thought that the healthcare.gov debacle was finally on the uptick, a “white hat” hacker just testified on Capitol Hill that security was never properly built into the site. He claims that fixing the critical-to-high exposures could require up to a year of work.
Not exactly what you want to hear about a website that stores your most sensitive information.
I bring this up to highlight an important point: Despite the rising importance of proper security, best practices are often ignored. Basic security mistakes still plague many web applications…including healthcare.gov.
As more development shifts to the web, and more data is stored on the cloud, security is a critically important topic. A single security misstep can compromise confidential business data or your customer’s personal information.
Today, let’s get back to the basics. While web application security is a broad topic, I’d like to focus on the security mistakes that web application developers should never make. These are the “basic” security principles that should never be ignored.
So, what are these security principles? What security mistakes should you never make? To help you answer those questions, we’ve compiled advice from some experts in the field (as well as some of my own) and listed everything below. Here are 10 security mistakes you should never make when developing web applications:
Working in the business software industry for over 30 years, I’ve seen my fair share of pretenders–amateur software posing as professional business software.
The problem is, this “amateur software” is often hard to detect. It looks great in the demo. Unfortunately, its limitations become apparent after you’ve already purchased the software…when it’s too late to go back.
Today, I’d like to share some tips that will help you separate business-focused application development software from the “amateur” software. I’m focusing on web application development software because that’s our area of expertise (we’ve been doing this for quite a while), but I’m sure these tips apply to most any business software.
So, what separates the pretenders from the legitimate, built-for-business software? Architecture and security. The cheap amateur software focuses mainly on the look and feel, but skimps on the architecture and security. Application development software that’s truly designed for business will include flexible architecture and business-class security features.
What types of security features should good application development software include? I’ve compiled a list of 7 security features that are absolutely essential in professional business application development software:
Every week, I share the most interesting and useful tech articles that I’ve found over the past week. This week’s top articles focus on the most notable smartphones, crazy security tricks, ways to optimize business analytics, and more. I hope you find them useful:
Mobile: The biggest change to hit retailing in 50 years
This article explains how mobile is completely revolutionizing the retail industry, but I think you could say the same thing for most any industry. Of course, mobile probably affects your industry in a different way than it affects the retail industry, but it’s a trend that cannot be ignored…regardless of industry. The big question: How can your business take advantage of the mobile revolution? For many companies, this involves bringing business apps to mobile devices, which can be a difficult and confusing endeavor if you don’t know where to start. If your company is considering mobile, here’s a whitepaper that might help: The beginner’s guide to creating mobile applications for your business.
Every week, I share the most interesting and useful tech articles that I’ve found over the past week. This week’s top articles focus on how a smartphone can hurt your career, popular jQuery plugins, application logic flaws, and more. I hope you find them useful:
Questions for mobile computing
Do you think your company can hold off on the mobile trend for a little while? Think again: Smartphones and tablets outsold PCs for the first time last year, and mobile computing is advancing at a rate much faster than previous new technology.
A couple of interesting conferences wrapped up earlier this month: The Black Hat Conference and the Defcon Conference. While I’m certainly not active with either of them, I find the news coming out of both conferences to be extremely interesting. In fact, I think that every business would benefit from keeping a close eye on these two conferences.