Scammers will always be in the world, trying to hack into our databases or steal our information (or that of our customers). There were some pretty interesting stories about database breaches this past year, especially just this December when Target announced a major security breach that had compromised credit and debit card numbers, including what they hope were well-encrypted pin numbers. In light of these issues, it is now more important than ever before for software developers from all walks of life to place a much greater emphasis on security.
Small Businesses and Large
Security concerns aren’t just for large businesses. Even small businesses have to be careful about what they’re putting online or in their stores. Earlier this year, one of my websites was hacked and I lost a lot of valuable blog posts and information. It was my own fault because I had not properly updated my blog. Not doing so meant that I lost out on some important security patches and updates.
But that’s a rather minor issue compared to credit card fraud and compromised personal data. Other issues have also been of major concern. Adobe lost tons of passwords earlier in the year. Even the launch of the healthcare.gov website was subpar, leaving most Americans wondering if our government couldn’t afford some SmartBear products for software testing.
Software developers are now attempting to take a more proactive approach. What can they do to prevent the type of embarrassment we’ve seen throughout 2013? Even in early 2013, a lot of companies were trying out different software testing programs and scripts. Some required a bit of SQS knowledge while others were completely automated. A few were specifically geared towards testing server load – something our government really could have benefited from before October.
But the real question lies here. Where are developers going wrong? Are we so focused on new, trendy testing and security measures that we’re bypassing and ignoring the tried-and-true methods that could simply use a little tweaking to become better? Does the field of security really need “brand new” when what already exists is getting the job done? Is our quest for the latest and greatest in terms of software development actually hindering our ability to grow?
All I know is that 2014 promises to be a very interesting year for software developers and security specialists. I can’t wait to see how things progress and I hope – I really, really hope – we don’t see as many major security breaches this year.