Posts Tagged ‘systems development’

Does Using “Certified” Software Products Improve Compliance?

Thursday, May 17th, 2007

It seems the term “certified” is being used more and more…for professionals, hardware, software, you name it.
You see software vendors touting that their products have been certified and that they will help companies meet “compliance,” but I have found very little research into what this really means, or if it means anything at all.


Reducing Attack Exposure for Internet-Facing Applications

Thursday, May 3rd, 2007

Yesterday the Channel 12 news in Jackson, Mississippi reported a Kennesaw, Georgia business had its Internet-facing computer system hacked. That business’s application is “now generating thousands of counterfeit messages to businesses and consumers, purporting to be a complaint filed with the BBB.”


What IT Leaders Need to Know About Using Production Data for Testing

Friday, July 14th, 2006

There are many issues involved with using live production data, particularly real personally identifiable information (PII), for test and demo purposes.  For many years it has been the norm within organizations to use copies of production data for testing during applications and systems development.  However, over the past few years this practice is becoming more and more of a bad idea with all the new privacy laws and regulations, identity theft cases, insider instigated fraud, increased customer awareness, and the growing number of companies using outsourced companies to manage applications development, testing and quality assurance. 

In my latest podcast I discuss the importance of and reasons for using data that does not include real, production PII for test and development purposes.

MP3: Rebecca Herold – What IT Leaders Need to Know About Using Production Data for Testing