Template Helps Businesses Implement App Security | Knowledge Network | ITBusinessEdge.com

Newsletters Welcome, Guest Log In | Register

What’s new and popular in our professional business community

About this Blogger RSS

< Previous | Next >

0

Template Helps Businesses Implement App Security

Posted by Patrick Avery Nov 6, 2009 12:40:04 PM

ITManagerToolkits.com has uploaded a Application Development Security Policytemplate in the Knowledge Network, along with some of its other templates, tools and checklists. This document in particular aims to help companies define security requirements for access to applications that are purchased or developed internally.

This template is part of a comprehensive IT Governance and Compliance Toolkit. The Toolkit is a collection of Microsoft Word forms, templates and instructional documents that help you assess and establish the crucial policies that you need to operate a secure and compliant IT organization.

Here are some of the suggested rules to better control the way passwords and accounts are managed during software development.

Password retrieval must be prevented. Computer and communication systems must be designed, tested, and controlled so as to prevent both the retrieval of, and unauthorized use of stored passwords, whether the passwords appear in encrypted or unencrypted form.

Vendor default passwords must be changed. All vendor-supplied default passwords must be changed before any computer or communications system is used for company business.

Stored passwords must be encrypted. Passwords must always be encrypted when held in storage for any significant period of time or when transmitted over networks. Doing so will prevent them from being disclosed to wiretappers, technical staff who are reading systems logs, and other unauthorized parties.

For the rest of the rules in this policy, check out the full template in the Knowledge Network.

Sphere: Related Content Print 0 Comments Permalink

Social Web
Send Email

To ShareThis, click on a service below:

Digg

del.icio.us

Email this article to a friend

X

Related Content

Topic: Internal Threat

[ Blog ] Closing the Security Gap
[ Article ] The Expanding Footprint of the Privileged Identity Management Challenge
[ White Paper ] Stopping Insider Attacks: How Organizations Can Protect Their Sensitive Information

Add a comment Leave a comment on this blog post.

There are no comments on this post

Related Content

Topic: Application Security

Protect company data with industry best practices and effective security tools

Blog: IT Needs to Get Control over IPhone Security

Article: Beta Doesn't Always Mean Bad

White Paper: What Every Executive Needs to Know about Application Security

Related Topics

Internal Threat

Featured White Papers

Lowering Your IT Costs with Oracle Database 11g Release 2

This white paper identifies the key capabilities a database management solution needs to successfully deliver more information with higher quality of service, make more efficient use of IT budgets, and reduce the risk of change in data centers.

Software Forum: Information On Demand Virtual Experience

This interactive virtual forum presents leading IT experts providing the insights you need to turn your information into a strategic driver for innovation, business optimization and competitive differentiation.

Resource Centers

: Business Intelligence

Best-practice tools, strategies and technologies for determining and managing the data you need to make better business decisions.

Featured Whitepapers

Seeing the Big Picture: A Corporate Guide to Better Decisions Through IT
: Network Optimization

Network management tools and tips to increase network speed and efficiency, regardless of office location.

Featured Whitepapers

Extreme Savings: Cutting Costs with WAN Optimization
: Security Information and Event Management

Best practices, strategies and technologies to help you use security information and event log management efficiently and effectively in order to get business value in terms of increased security, reduced risk, regulatory compliance and increased business agility.

Featured Whitepapers

The Top Ten Insider Threats and How to Prevent Them
: Data Warehousing for Business Intelligence

Comprehensive storage solutions for better data access and retrieval, leading to better-informed business decisions.

Featured Whitepapers

Maximizing Operational Efficiency with Oracle Business Intelligence (BI) Applications