Saturday, December 08, 2007
Links for 2007-12-08
Jiri Ludvik describes in percentage terms what his day looks like. I wonder what the breakdown of other enterprise architects looks like?
I would encourage enterprise architecture practitioners to read this guide to understand more about building security into enterprise applications as many of us haven't accounted for security breaches as part of the risk equation.
I am surprised that Todd Biske didn't ask Gartner analyst Tom Scholtz why secure coding practices aren't also a key protection process? Analysts need to understand that code written insecurely is the root of all security vulnerabilities.
Every project team asks themselves, implicitly or explicitly, what are our criteria for success? Depending on the range of the stakeholders involved you’ll get answers from the superficial (e.g. “users of all skill level can use software”) to the goal oriented (e.g. “identify the safest and most viable customers who need car insurance”). It’s easy to talk about success – especially non-quantifiable success.
Should Indian Outsourcing firms also mandate secure coding training for their employees?
There hasn't been a lot of hype on this product, but it is huge and I encourage the DBA crowd to chat with security folks on its value.