| Software Security: Change Is Imminent |
Letter From the Editor
10 June 2002
 |
Successful enterprise information software security requires finding the appropriate balance between containing the risks that come with new technology developments and trends, and enabling enterprises and end users to use technologies as they deem appropriate. Despite the pains and costs associated with trying to add security after applications and systems have been developed or procured, security remains largely an afterthought. However, enterprises that must deal with continual requirements to "patch" software bugs, and to protect against and clean up after virus infections, are starting to re-evaluate whether their current approaches toward security are adequate.
Although the debate regarding the responsibility for quality and security of software is not new, the issue has taken on increasing importance as the direct and indirect costs of poor software security continues to increase for enterprises. This month, we highlight recent research that explores a spectrum of the most-pressing software security concerns and questions enterprises face.
First, we examine how enterprises can help control specific information security vulnerabilities that arise from popular applications such as Microsoft Outlook and instant messaging, and how they can navigate the changing nature of virus and malicious-code threats, and the virus protection market:
Certain steps can be taken to prevent many of these vulnerabilities. By changing vendor and development strategies or by turning toward hardware solutions, enterprises can solve security
Finally, the old debate about the liability for the quality and security of software has new relevance:
Arabella Hallawell
Editor in Chief
Security and Privacy
spotlight.feedback@gartner.com
|
|
