Secure software starts with secure software development

A recent article published in the Federal Times, "New guidance offers roadmap for securing mobile apps", states:

"In recent years, software attacks have shifted from targeting operating systems to targeting applications," the new protection profile states. "As a result, it is paramount that the security of applications be improved to reduce the risk of compromise."

And they are right. The security of apps, and of mobile apps in particular, is generally overlooked and moved to a lower priority as the deadline to deploy an app closes in. Another reason for ignoring security in mobile apps is the lack of security expertise.

The guidance describes how the common criteria for evaluation and validation, released through the National Information Assurance Partnership, act as a roadmap during the development process. Engineers work through the schema, selecting the desired functionality and applying the associated security frameworks.

We at Onegini basically do the same when developing our product: it is developed according to the Framework Secure Software, developed by the Secure Software Foundation.


Framework Secure Software

The Framework Secure Software defines a standard to help improve secure software development.

  • For development teams, the framework helps to implement secure software development practices.
  • For auditors, the framework gives criteria to evaluate the security of the software.
  • For purchasers, the secure software certificate makes the software's security properties visible. 


Goals of the Framework

100% security is impossible, but the framework can evaluate if security is sufficiently implemented.

The framework:

  • covers all phases of the SDLC
  • fits all software development methodologies
  • is applicable to a wide range of software applications
  • bridges the gap between non-technical requirements and technical implementation
  • makes it possible to issue the secure software certificate. 



We understand the pressure developers are under when developing mobile apps for the mass consumer market: pressure to deliver on time with the shortest possible time to market, combined with limited or no knowledge of security.

Using a platform that takes care of the security side of the mobile app is vital for a safe deployment of mobile apps to the mass consumer market. 

The Onegini Mobile Security Platform provides developers with an easy-to-use SDK for all platforms that takes care of mobile app security, offering bank-grade security developed and maintained by security experts.

Love to hear your thoughts on the subject.

