Click here to Skip to main content
15,844,387 members
Home / Discussions / Design and Architecture
   

Design and Architecture

 
GeneralRe: Validate Data Format Pin
Gerry Schmitz16-Nov-23 10:49
mveGerry Schmitz16-Nov-23 10:49 
GeneralRe: Validate Data Format Pin
Kevin Marois16-Nov-23 11:46
professionalKevin Marois16-Nov-23 11:46 
GeneralRe: Validate Data Format Pin
Gerry Schmitz16-Nov-23 16:57
mveGerry Schmitz16-Nov-23 16:57 
AnswerRe: Validate Data Format Pin
jschell16-Nov-23 6:26
jschell16-Nov-23 6:26 
GeneralRe: Validate Data Format Pin
Andre Oosthuizen18-Nov-23 8:18
mveAndre Oosthuizen18-Nov-23 8:18 
QuestionHow to address security in white label software Pin
mozilly2-Nov-23 22:54
mozilly2-Nov-23 22:54 
AnswerRe: How to address security in white label software Pin
Gerry Schmitz5-Nov-23 6:06
mveGerry Schmitz5-Nov-23 6:06 
AnswerRe: How to address security in white label software Pin
jschell6-Nov-23 11:50
jschell6-Nov-23 11:50 
mozilly wrote:
My first thoughts are to follow these steps:


That is not how you go about it.

That is like attempting to write code when you do not even know what the requirements are.

mozilly wrote:
My manager says that the customers


Any larger company will expect this. Mid-size are also likely. Depending on the business domain every customer might require it.

mozilly wrote:
what steps should a team take to address security concerns


Obviously application security is a part of it. But also company security.

Large companies will require 3rd party security audits. Smaller ones might also.

Steps
1 - Investigate various parts of security needed.
2 - Software security
3 - Employee training
4 - Employee access. And specifically how access is turned off when an employee exits the company and who has access to what.
5 - Reviewing code for security vulnerabilities - specifically. Tools and manual.
6 - 3rd party audits.
7- A DOCUMENTED Security Plan for the company. That includes all of the above.
8 - DOCUMENT all of the steps taken (which would be in the Security Plan.) You will need to track where those documents live.
9 - The Security Plan must include how to DOCUMENT exceptions to the plan and solutions to problems discovered.
10 - One or more people assigned to the Role of insuring that the Security Plan is followed.

3rd party audits will likely look at all of the above.

People tend to skip 9 because they think/claim that those will not occur. Then when they do they don't have any way to deal with it and thus end up ignoring the issue.
QuestionHow to address security for white-label web app Pin
mozilly2-Nov-23 1:56
mozilly2-Nov-23 1:56 
QuestionThoughts on Internationalization Pin
snorkie23-Oct-23 8:44
professionalsnorkie23-Oct-23 8:44 
AnswerRe: Thoughts on Internationalization Pin
Dave Kreskowiak23-Oct-23 10:17
mveDave Kreskowiak23-Oct-23 10:17 
AnswerRe: Thoughts on Internationalization Pin
Mircea Neacsu23-Oct-23 10:52
Mircea Neacsu23-Oct-23 10:52 
GeneralRe: Thoughts on Internationalization Pin
trønderen23-Oct-23 13:02
trønderen23-Oct-23 13:02 
GeneralRe: Thoughts on Internationalization Pin
Mircea Neacsu23-Oct-23 14:40
Mircea Neacsu23-Oct-23 14:40 
GeneralRe: Thoughts on Internationalization Pin
trønderen23-Oct-23 21:22
trønderen23-Oct-23 21:22 
GeneralRe: Thoughts on Internationalization Pin
snorkie24-Oct-23 10:43
professionalsnorkie24-Oct-23 10:43 
GeneralRe: Thoughts on Internationalization Pin
jschell25-Oct-23 6:01
jschell25-Oct-23 6:01 
GeneralRe: Thoughts on Internationalization Pin
Mircea Neacsu25-Oct-23 6:49
Mircea Neacsu25-Oct-23 6:49 
GeneralRe: Thoughts on Internationalization Pin
trønderen25-Oct-23 12:54
trønderen25-Oct-23 12:54 
GeneralRe: Thoughts on Internationalization Pin
Eddy Vluggen25-Oct-23 13:56
professionalEddy Vluggen25-Oct-23 13:56 
GeneralRe: Thoughts on Internationalization Pin
trønderen25-Oct-23 16:20
trønderen25-Oct-23 16:20 
GeneralRe: Thoughts on Internationalization Pin
Eddy Vluggen26-Oct-23 2:40
professionalEddy Vluggen26-Oct-23 2:40 
GeneralRe: Thoughts on Internationalization Pin
jschell26-Oct-23 5:55
jschell26-Oct-23 5:55 
GeneralRe: Thoughts on Internationalization Pin
trønderen26-Oct-23 8:36
trønderen26-Oct-23 8:36 
AnswerRe: Thoughts on Internationalization Pin
Gerry Schmitz24-Oct-23 8:07
mveGerry Schmitz24-Oct-23 8:07 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.