SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Spend More on Security

By Steve Jones,

In technology, quite a few companies are doing well. In fact, it's a regular race among Apple and Microsoft to see who's the world's more valuable company. However, quite a few other companies in other industries are also doing very well. Many have reported strong earnings in the last couple years. Many of those same companies have had data breaches.

I saw this tweet from Buck Woody, which says " Another day, another breach. C'mon companies, get your act together. Spend a bit of that record profit on security. We're tired of this."

I agree. As someone who's stayed at an SPG hotel, I'd guess my data has been leaked. I'm also guessing that my credit card has been changed since then, since I think I end up changing them once a year because of some data breach. Still, I think that shouldn't be a habit I have.

Companies need to spend more than "a bit" on security. They need to better train their IT staff on secure coding and configuration as well as on tools to support those habits and processes. They also need to devote some time and money to fixing past security issues. No system should be immune from patching because of fears that an application stops working. Either internal developers need to test better, or vendor contracts need to specify that software purchased will support platform security patches, which often means the vendors need to ensure that service packs and patches don't break their products.

We need to demand more as consumers and technical people, including demanding more of ourselves. Building secure systems is hard. Writing secure code requires we change habits and sometimes do a bit more work. It's something we all need to learn to do better.

 
Total article views: 21 | Views in the last 30 days: 21
 
Related Articles
ARTICLE

Data Breaches

Security is hard, but are we doing a good job? Steve Jones shares a few thoughts on our security dev...

ARTICLE

We Really Need Better Security

Some disturbing security issues reported this week.

ARTICLE

Pride and Security

When an employee has pride in their company, they tend to do a better job, and Steve Jones says that...

ARTICLE

Virtual Security

As more and more companies move to virtualized servers, security should be on their minds. Steve Jon...

ARTICLE

Why Devops? For Better Security

DevOps is supposed to help us build better software, faster. Steve Jones looks at one of the other b...

Tags
editorial    
security    
 
Contribute