Security Testing

Security testing is a set of system tests designed to ensure that your solution has the appropriate level of security built in.

For instance, an Internet application that processes credit cards and stores customer information needs to be secure.

It cannot be “mostly” secure or “reasonably” secure. It needs to be 100% secure and it needs to be thoroughly tested.

Another application that maintains a library of company information that is available for all employees may not need a security test at all.

Understanding security needs starts with your business requirements.

You need to work with your client to understand the importance and confidentiality of the data that is read, updated, and created by your application.

Then, determine the types of people who have access to the application and to the data. Picture this as a table with data categories in the columns and people in the rows. For each square in the table, determine what level of access, if any, the people should have to the data.

Then, you design and build the application to those requirements. Once you know who needs access and at what level, you can run tests to ensure that access is as it should be. This has two important steps.


1. Make sure that people have the level of access they need. For instance, the Accounts Payable clerks may need to browse certain functions and update others. Your testing should ensure that the clerks can access all of their data and transactions.


2. On the other hand, you should test to ensure that people do not have access to areas they should not. For instance, these same Accounts Payable clerks may not have the ability to generate a payment request over $1,000.
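The two steps above can be automated by walking every square of the access table and comparing it with what the application actually permits. The following is an added example, not part of the original article; the roles, data categories, the stand-in application (`APP_GRANTS`, `app_allows`, `app_allows_payment`) and its two seeded defects are all constructed for illustration.

```python
LEVELS = ("none", "read", "update")  # ordered from least to most access

# Constructed requirements matrix: roles in rows, data categories in columns.
REQUIRED = {
    "ap_clerk":   {"invoices": "update", "vendors": "read", "payroll": "none"},
    "hr_analyst": {"invoices": "none", "vendors": "none", "payroll": "update"},
}

# Stand-in for the application under test (constructed). Two seeded defects:
# clerks can update vendors, and HR analysts can only read payroll.
APP_GRANTS = {
    ("ap_clerk", "invoices"): "update",
    ("ap_clerk", "vendors"): "update",
    ("hr_analyst", "payroll"): "read",
}

def app_allows(role, category, action):
    level = APP_GRANTS.get((role, category), "none")
    return LEVELS.index(action) <= LEVELS.index(level)

def app_allows_payment(role, cents):
    return role == "ap_clerk" and cents <= 100_000  # $1,000.00 in cents

def audit_access(required, allows):
    """Check every cell; return (missing, excess) access as lists of cells."""
    missing, excess = [], []
    for role, row in required.items():
        for category, level in row.items():
            for action in LEVELS[1:]:
                should = LEVELS.index(action) <= LEVELS.index(level)
                does = allows(role, category, action)
                if should and not does:
                    missing.append((role, category, action))   # step 1 failure
                elif does and not should:
                    excess.append((role, category, action))    # step 2 failure
    return missing, excess

def audit_payment_limit(role, limit_cents, allows_payment):
    """Boundary check: the limit itself must pass, one cent over must fail."""
    findings = []
    if not allows_payment(role, limit_cents):
        findings.append((role, "payment at limit denied"))
    if allows_payment(role, limit_cents + 1):
        findings.append((role, "payment over limit allowed"))
    return findings

if __name__ == "__main__":
    print(audit_access(REQUIRED, app_allows))
    print(audit_payment_limit("ap_clerk", 100_000, app_allows_payment))
```

In a real test run, `app_allows` and `app_allows_payment` would be replaced by calls that log in as a test user of each role and attempt the operation.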


Added security also has added cost. You may decide that a breach would be a nuisance, but not something you want to spend a lot of money to avoid. You may need to rely on procedures and training to help with security. You can also enforce security by generating audit reports that point out unauthorized access.


COPYRIGHT © 2007-2012 por Hector Olvera Padilla 1853071. Reproduction in whole or in part, or translation without written permission is prohibited. "PMP®", "PMBOK®", and "PMI®" are registered marks of the Project Management Institute, Inc.