Question

Locked before Monday, April 1, 2019 12:01 AM CDT. Must post first. Subscribe You are presented with a problem that requires a programmatic solution. What are creation steps and best practices that should be taken at the start of every development project or programming project? Additionally, provide insight on how you approach coding at the beginning of a project and how you code as your project progresses. Rubrics Discussions Cec Start a New Thread Filter by: All Threads search

Answer 1

Starting to code the application:

Nowadays, companies have moved on to the Agile or Rapid Application Development SDLC(Software Development Life Cycle) which has been resulting in reducing the development timeframe. Now, starting with the risk assessment, here we go,

1. Collecting Information:
   • The collection of information is one of the major parts that plays in the security of the organization. The URL of the target must be accessible to gain information.
   • Information caught in wrong hands can turn out to be chaos for any organization. Hence, information must always be safeguarded with levels of security.
2. Risk Profiling:
   • Checking the website for each and every type of risks/threats is a very important task and must be carried on with each and every module of the organization's availability in the internet space.
   • There must be things carried out like:
     • Automated threat scanning
     • Penetration Testing
     • Black Box testing of the source codes
     • Assigning Risk Ratings to the Security Flaws
     • Reporting to higher Authorities
3. Updating Technology:
   • In the current world scenario, it has become very important to update the technologies that are been actively used and must be balanced accordingly.
   • The use of older versions will come with a bunch of vulnerabilities and threats along with the destruction of certain aspects of the organization.
4. Application Fingerprinting:
   • In an organization, there are certain things that must be checked for the known vulnerabilities and exposures. If there, one must always keep it the priority to overcome certain threats in order to run the organization smoothly.
   • The application fingerprinting consists of different levels of assessment. Here are some of the different scopes:
     • Defining Objectives
     • Devising Strategy to overcome threats
     • Role Based Access Control Matrix
     • Choosing Appropriate Security Tools

When ending the programming of the application one must always understand the importance of security in the application and hence, below are some of the basic guidelines which one must implement towards the end of the programming phase of the application. Here we go,

Guidelines For Security Policies:

For the security policies, there are certain things to be always taken into consideration, we will discuss all of them as we dive in deep. So here we go,

1. Knowing The Risks:
   • It is the most important part while creating security policies to know what risks are there in the system.
   • How the information is been manipulated at the client as well as the server end. Hence, making the process more secure as data is the part for which security is always compromised.
2. Knowing The Wrongs Done By Others:
   • Knowing that the organizations who have been gone through the certain risks which reside in your system. Learning from the mistakes made by others is always the most effective way of setting guidelines.
   • The guidelines to the security policy consist of the most probable wrong things that each and every organization with similar risks are been doing.
3. Keeping Legal requirements in mind:
   • Many times organizations completely forget about the legal requirements that are been required by the officials.
   • Hence, keeping the legal jurisdictions, data holdings and the location in which you reside is also most important.
   • Recently, this has been the case with Facebook's most controversial data theft.
4. Setting the level of security:
   • The level of the security that is been planned must always be kept in mind with the level of risks that are been residing in the system.
   • Excessive security in the system can also cause hindrance to the smooth business operations and hence, overprotecting oneself can also be a cause to the problem.

Hence, these are the guidelines for creating an effective and functional security policy for the development phase of the applications.