November 2001
Intermediate to advanced
240 pages
6h 27m
English
For the most part, data and process owners are not as technology savvy as their programmers or administrators. Even those who started their professional lives as “techies” now find themselves at the mercy of the applications they deploy to be reliable and work within the organization’s information security environment.
Internet policies for applications should be limited to securing data and file transfers as well as authentication of those transfers. Other aspects of application security should be left to other policy areas, such as the organization’s Software Development Policy for in-house–created programs (see Chapter 11, “Software Development Policies”). By keeping it simple, you can keep the focus on the ...
Read now
Unlock full access