QA City

Most Popular

The Need to Identify the Weakest Link in the Application

By SiliconIndia   |  
Print Email

Bangalore: Every company either small or large contains a huge amount of confidential information which might be very sensitive. There are different tactics to protect the data such as strong passwords, Firewalls and encryption but, do you know that the hackers who are constantly keeping an eye on this information might be one step ahead of you than you could imagine? Hackers target the weakest link in any software.

In an organization, software is used for keeping HR records, email, accounts, document management and payroll. 70 percent of applications which are produced within the organization are licensed by the vendors and almost 65 percent are sourced externally. Judy Shelby on reports that about 80 percent of the software bought from the vendors failed in the security compliance according to the PwC's 2012 Security Report.

Veracode Inc. also noted some of the errors detected in third-party web applications as given on “Open Web Application Security Project (OWASP) Top 10.” 40 percent of these applications highly detected flaws. So every business should learn that all outsourced application contains data breach risk due to the possibility of security errors.

Sometimes some of the security threats might not be identified immediately after it’s purchased; you have to use it in your business to find it. BYOD or bring your own device prevalence in organizations for employees brings in insecurity to company data. The hackers get an easy access point to hack your confidential company data.

One way to take precautions is by independent verification of the software security throughout business supply chain and automatic security testing for vendor supplied applications. In addition to this, companies should make sure vendors and third parties submit the security testing before acquiring the software and make the purchase agreement.

Sign Up for QA Digest and Read the Day's Highlights
Don't Miss
Experts on QA
Swaid Qadir Bhat
Sr System Architect
Virtusa Corporation
Subhash  Motwani
Prasad Rao Pasam
Ayaskanta  Mohanty
Managing Director
TATWA Technologies
Rajesh  Dagar
Software Architect
Connect Icon Pvt Ltd
Yasar  Khuthub
Software QA Manager
Azure IT Solutions
Sunil  Bhat
Project Management
HCL Infosystems Limi
Sharad  Agarwal
Team Lead
Write your comment now
This report is the result of the largest public-private sector rese...
For those not familiar with the Coverity Scan™ service, i...