The Honor Code of Data: Privacy-First Design

Protecting customers’ information is about gaining their trust. Privacy is about safeguarding that information. It is what drives confidentiality. Privacy is the customer’s expectation that what they supply will be used appropriately. Someone who posts to Twitter or LinkedIn will have different expectations than someone who uses Facebook. Though all are social media applications, the … Read more

It All Starts With Design

Software design, much like woodworking, is a blend of art and science. Envisioning the final product is an art, while the journey to its realization is governed by scientific principles. Throughout this journey, the design undergoes numerous adjustments, similar to how a woodworker makes test cuts and deals with throwaway parts. These adjustments are vital, … Read more

Software Security Is Software Quality

Creating software is no different than creating a woodworking project. The end product will be creative. The flow of the wood, the colors, the stability, the functionality. After enough change in temperature, the expansion and compression of the wood will expose the skill level of the craftsman. The beauty of a natural wood dining room … Read more

Security Posture Basics

The security posture of a software product is driven by how well it preserves the confidentiality, integrity, and availability of the system. The more ways that these three pillars can be negatively impacted, the weaker the overall security posture of the system. Each individual way in which one of the pillars can be negatively impacted … Read more

Availability

The last of the three pillars of information security is availability. Availability simply means that the data is available when the system says it will be. In some cases that will be always available and on-demand. In other cases it may be in a few minutes. And in other cases it may be days. All that … Read more

Integrity: What You See Is What You Get

Integrity is the second fundamental principle of software security. Integrity is about ensuring that data is trustworthy. To be trustworthy, the data must be accurate and complete. There is a notion that the type of application matters when it comes to data integrity. The truth is, it doesn’t matter. All systems need to ensure … Read more

Confidentiality

Confidentiality is how data is managed by the system. Confidentiality is a key pillar in trust. A system must inform the user how the data collected is intended to be used and use it in that manner. This notification must be in clear and concise terms that are easy to understand. A long “Terms of … Read more