Designing Secure Software

Part 1

as a class discuss zero-day affects and other aspects of security that help to enhance and maintain the new software system put into place. Please respond to all of the following prompts:

As a part of zero-day affects, how does the NIST become so relevant?

Why?

What is an insider threat, and how can this plague system security?

An employee has worked at the same job for 6 years, comes to work every day – never sick, and never takes a vacation.

How is this viewed from a security standpoint?

Why?

Part 2

Web applications make remote access to system resources and data possible via the Internet. However, there are considerations that must be addressed when enabling this, including the appropriateness of making data available via the Internet and access controls to the data and the web application. Additionally, we must consider methods of securely granting access to the appropriate users while protecting the confidentiality and integrity of customer and company information.

Please respond to all of the following prompts:

Identify the advantages and disadvantages of using a web application to access your company’s data.

Identify the advantages and disadvantages of using a Virtual Private Network (VPN) and other proprietary access methods.

Share at least three best practices used in securing a web application.