Privacy and Cyber Security don’t just start at the point where your product is released; they need to be embedded much earlier. Integrating these aspects into your SDLC (software development lifecycle) early on is key to complying with your obligations under privacy laws, as well as to meeting the expectations of an increasingly aware consumer.
In this Info Sheet, I detail a number of the considerations that a development team needs to make when designing and maintaining software. Please feel free to distribute this handout to your development teams or contractors! The subjects covered in the Info Sheet (v1.0) are:
- What are POPIA and GDPR
- Privacy by Design
- Public Expectation
- OWASP Top 10
- Mixed Content
- SSH, RDP, SQL Ports
- Field/Database Encryption
- Database Tenancy and Backups
- Credentials in Code (and GitHub combing)
- Password Salting
- Sensitive Information in Debug (or Info) Logs
- Legacy SSL/TLS Implementations
- Building Export Functionality
The Info Sheet is free to download below. Why not subscribe to the newsletter while you’re at it?
Ross G Saunders Consulting offers a number of solutions that can drive your compliance and security maturity, from affordable 16-week group coaching programmes to comply on your own, through to advisory retainers and staff awareness training. To find out more about the offerings available, book time directly with Ross using the calendar below.