
Chapter 14. Security

Achieving Application Security

Achieving computer security is difficult, but some general principles apply.

  • Limit access to the system.

    The fewer people with login access to a server, the better. Try not to use an application server for general logins. Make sure that system administrators use good passwords and do not leave logged-in terminals unattended. Consider disallowing network access for system administration.

  • Use available security tools.

    There are a variety of system configuration checkers and monitors. These tools can probe a system from the outside for known security weaknesses and can also survey file system protections for suspect usage.

  • Protect complex systems with simple ones.

    Most server computer operating systems are too complex to be trusted. Firewalls, which will be discussed shortly, are systems that carefully limit access to the server and that are simple enough to trust. Firewalls may also perform auditing and logging functions.

  • Make sure the system is inside the envelope.

    Many applications work well in the common case. If the behavior of the server is not understood when disks fill up or when the CPU is overloaded or when too many users are connected, put limits in place that trigger alarms when such unusual operating conditions are encountered.

  • Record configuration changes.

    Put procedures in place to maintain records of system configuration and an audit trail of changes.

  • Create backups.

    Elementary as it sounds, make sure that server software and application data are backed up regularly. Make sure that the security controls for access to backup tapes are appropriate for the information on the backups.

  • Ensure that software is properly installed.

    New installations of software are a leading cause of improperly set security controls. Note that few vendors of application software configure their default settings to provide security.

  • Apply security patches.

    Keep up to date with announced security patches, and install them expeditiously.
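One way to put the limits from "Make sure the system is inside the envelope" in place, as an added example that is not from the original text. It assumes a Unix-like server with who(1) available; the limit values and function names are illustrative assumptions to be replaced with figures from load testing.

```python
#!/usr/bin/env python3
"""Envelope check: alarm when the server leaves its understood operating range."""
import os
import shutil
import subprocess
import syslog

# Assumed limits for illustration; derive real ones from load testing the server.
LIMITS = {
    "disk_used_pct": 90.0,   # percent of the filesystem in use
    "load_per_cpu": 2.0,     # 5-minute load average divided by CPU count
    "login_sessions": 20,    # concurrent login sessions reported by who(1)
}


def collect_metrics(path="/"):
    """Read the current disk, CPU and login figures from the local system."""
    usage = shutil.disk_usage(path)
    load5 = os.getloadavg()[1]
    who = subprocess.run(["who"], capture_output=True, text=True, check=False)
    return {
        "disk_used_pct": 100.0 * usage.used / usage.total,
        "load_per_cpu": load5 / (os.cpu_count() or 1),
        "login_sessions": len(who.stdout.splitlines()),
    }


def check_envelope(metrics, limits=LIMITS):
    """Return one alarm string per metric that is missing or over its limit."""
    alarms = []
    for name, limit in sorted(limits.items()):
        value = metrics.get(name)
        if value is None:
            # A metric that cannot be read is itself outside the envelope.
            alarms.append(f"{name}: no reading (limit {limit})")
        elif value > limit:
            alarms.append(f"{name}: {value:.1f} exceeds limit {limit}")
    return alarms


def main():
    """Log each alarm at alert priority; exit non-zero so cron reports it."""
    alarms = check_envelope(collect_metrics())
    for alarm in alarms:
        syslog.syslog(syslog.LOG_ALERT, f"envelope alarm: {alarm}")
        print(alarm)
    return 1 if alarms else 0


if __name__ == "__main__":
    raise SystemExit(main())
```

Run it from cron every few minutes; the non-zero exit status and the syslog alert give two independent paths for the alarm to reach an administrator.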


