Educause Security Discussion mailing list archives
Web site development and security
From: Theresa M Rowe <rowe () OAKLAND EDU>
Date: Fri, 19 Nov 2004 14:09:17 -0500
We recently completed a security audit. A recommendation in the audit was to "Establish a best-practice in software development to develop secure and quality web applications." In detail, we are finding many of our departments are developing their own web sites using MS-Access, My SQL, or SQL Server databases as back-ends. Some of these might contain sensitive data and may not be secure or might be susceptible to package weaknesses (like the recent SQL Injection problem). Do any of you have development standards that address security issues around this type of development (that you could share)? Thanks in advance - Theresa Rowe Assistant Vice President University Technology Services www.oakland.edu/uts - the latest news from University Technology Services ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Web site development and security Theresa M Rowe (Nov 19)
- <Possible follow-ups>
- Re: Web site development and security Kathy Bergsma (Nov 19)
- Re: Web site development and security Gene Spafford (Nov 19)