SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Spend More on Security

By Steve Jones,

In technology, quite a few companies are doing well. In fact, it's a regular race among Apple and Microsoft to see who's the world's more valuable company. However, quite a few other companies in other industries are also doing very well. Many have reported strong earnings in the last couple years. Many of those same companies have had data breaches.

I saw this tweet from Buck Woody, which says " Another day, another breach. C'mon companies, get your act together. Spend a bit of that record profit on security. We're tired of this."

I agree. As someone who's stayed at an SPG hotel, I'd guess my data has been leaked. I'm also guessing that my credit card has been changed since then, since I think I end up changing them once a year because of some data breach. Still, I think that shouldn't be a habit I have.

Companies need to spend more than "a bit" on security. They need to better train their IT staff on secure coding and configuration as well as on tools to support those habits and processes. They also need to devote some time and money to fixing past security issues. No system should be immune from patching because of fears that an application stops working. Either internal developers need to test better, or vendor contracts need to specify that software purchased will support platform security patches, which often means the vendors need to ensure that service packs and patches don't break their products.

We need to demand more as consumers and technical people, including demanding more of ourselves. Building secure systems is hard. Writing secure code requires we change habits and sometimes do a bit more work. It's something we all need to learn to do better.

Total article views: 22 | Views in the last 30 days: 2
Related Articles

Data Breaches

Security is hard, but are we doing a good job? Steve Jones shares a few thoughts on our security dev...


We Really Need Better Security

Some disturbing security issues reported this week.


Pride and Security

When an employee has pride in their company, they tend to do a better job, and Steve Jones says that...


Virtual Security

As more and more companies move to virtualized servers, security should be on their minds. Steve Jon...


Why Devops? For Better Security

DevOps is supposed to help us build better software, faster. Steve Jones looks at one of the other b...