A reblog today, of an expert for once
How do you secure a webshop, an electronic car, an office management system? Securing an IT-enabled product requires you to consider many topics, and missing one topic could already result in a security flaw of that product.
Let us presume that you have a webshop that sells books. What security measures do you need, to protect the data about the books that you sell, their availability and prices, as well as your customers’ transactions?
Software developers will think about security in source code and application logic, whilst system and network administrators will think of the IT infrastructure on which the application will run. Who has the holistic view of all relevant security measures that should be in place?
Realising an eCommerce webshop, are your IT processes well-equipped to be online, or are they only a fit for internal office automation? Being online implies being operational 24/7 and considering to be 24/7 under attack, is that also your requirement?
Also, what does creating an online…
View original post 209 more words