Reply to post: Re: Securing Databases

Researchers spot thousands of Android apps leaking user data through misconfigured Firebase databases

Anonymous Coward
Anonymous Coward

Re: Securing Databases

What Alter Ego said. When security is added later, sometimes it doesn't make the final product.

I've seen platform software that was delivered on schedule, passed User Acceptance Testing, and was given to Operations to deploy. Problems were caught by Ops in their security review. And nobody had both responsibility and authority to halt deployment until security was fixed.

Security can be done properly, but it needs equal status with other management priorities. Security costs are easy to pass down the line (or "externalize"), and hard to quantify. It can be tough to justify against the bottom line.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2021