Blocking Out the Bad Actors with Better Application Security

Application security has become a major challenge in recent years and it’s up to businesses to rethink how they approach this issue to protect their information from unauthorized individuals.

Read through your favorite news site and you’ll probably see at least one story about some sort of cybercrime. Whether it’s stolen credit card numbers, compromised customer data or distributed denial of service attacks, today’s businesses are under attack from every possible direction. 

Simultaneously, companies need to assess compliance risk. As an example, the General Data Protection Regulation (GDPR), effective May 2018, combines numerous smaller European privacy laws under one umbrella and requires any company that does business in Europe to inform customers if they have had a breach of personal information or face severe penalties. This makes investing in proper security controls the obvious strategy for compliance instead of paying fines, since fines could be huge.

To make matters worse, businesses can only devote so much to their security—they have other priorities that must be attended to, whether it’s customer service or product research and development. Yet cybercriminals are only getting better at their jobs. Not too long ago, there was a story about a major oil company that was compromised when hackers planted malware in the online menu of a restaurant that employees frequently ordered from. In a twisted way, their ingenuity and tenacity is almost admirable.

Regaining Peace of Mind

That said, businesses can maximize their security and regain their peace of mind, they just need to take a more thoughtful approach. Many businesses struggle with this—they spread themselves thin and misjudge where their focus should be. The common security analogy is using $10 locks to protect a $1m asset and vice versa, using $1m locks to protect a $10 asset.

The key is seeking outside expertise both in terms of devising a security strategy and deploying solutions and tools that have strong security features from the get-go. If cybercriminals are devoting their every waking moment to cracking a company’s security, working with security experts and deploying the right technologies can help enterprises tip the scales back in their favor—without having to be security experts themselves.

An Eye for Security

As a software developer, Progress understands the importance of security—especially in the modern digital business landscape, where so much of a company’s operations go through various applications and devices. That’s why we are constantly updating our various tools and technology in response to rising security needs.

For example, Progress OpenEdge 11.7—our latest release—features the OpenEdge Authentication Gateway, which is essentially a security token service (STS). By taking these steps, we help our users secure their applications and ensure the right users have access to the right information.

We recently had the opportunity to speak with SD Times in more depth about application security and some of the approaches we offer to addressing this challenge. Feel free to check out the article and let us know in the comments if you have any questions.