EFY Times  
Friday, October 31, 2014

 
GO
 
 

10 Tips For Developers To Secure And Safeguard Code
 
Home >> Infotech >> Features
 
10 Tips For Developers To Secure And Safeguard Code  
 
EFYTimes takes a look at some ways programmers can safeguard their code.   
Rate this news:  (0 Votes)
Friday, November 15, 2013 With the increasing number of breaches in security with respect to credit card, mobile etc it is becoming imperative that we do all that we can to safeguard our property. So is the case with software developers.

Security, Code, Developers, Safeguarding, Breaches, Inputs, Avoid, Passwords,  Delays, Storing.




As cited on cio.com, here are 10 things they can do to keep their codes secure -

1. Testing inputs rigorously - Attackers require a path into your machines, and the easiest path is via the doors your code opens. In the event that your software derives input from the Internet, you are likely to have something come past you. You must ensure to test the size and structure of the incoming data and never rely on the person on the other end of the Internet.

2. Storing only what you require, and not a bit more – You must rethink regarding where to store your home or business addresses for sending emails. This time up a lot of time to process as well as disk space and makes an attractive target for information thieves. Whenever in doubt you must make the forms shorter and the database tables smaller.

3. Avoid over- reliance on passwords - Everyone is aware of the issue with passwords with no one having a better solution. You can add security by using special hardware that locks up cryptographic keys. They may be costly but easier to lose than a cellphone.

4. Negotiating requirements – Making secure code is not just something that happens in the code editor. A feature may be great but it may induce you to take stock of extra sensitive information and increase the level of security required everywhere. The apt time for securing your code against future breaches is when the requirements document is still flexible.

5. Adding delays to your code -Many attacks rely on sending millions of queries while others on trying trillions of passwords till the right one is found. You must add progressively more delays to confound these bots. You need to have your software to be fast enough to support the right humans but very slow for attacking bots to accomplish much.

6. Using encryption more frequently than you should -Encryption is often underutilized as it adds yet another step to the machinery and makes debugging that much harder. You must lock up personal data before storing it in the database to save you from a lot of worries.

7. Constructing walls – User friendliness should not lead to linking everything to a single portal. There is no simple way to decide how simple it should be for a user to navigate through the system and get what they want with a click. The easier it is for the legitimate user, the easier it is for the attackers.

8. Testing libraries -- Encryption is difficult to perfect and even the best theory and carefully built code can come with gaps. It is important to have well-tested libraries in this area than others. You must opt for a better code here and not inventing your own algorithms.

9. Using internal APIs - APIs is an old more valuable for security as it can make it simpler to audit interactions, find holes, and fix problems. It is logical to make internal sub-modules and the same idea applies inside of modules as well. Parts are easy to analyze.

10. Bringing outside auditors to critique your code - If an enterprise invests in a well-designed base, it should also invest in code audits that can identify flaws and give suggestions for improving the code.




Print Email Post Comment 
(Total Views: 2064)
 
Share

 
 
Infotech News
   
New MSME Policy Announced In Uttarakhand
Samsung Galaxy A3 and A5 Smartphones Officially Available!
Open Source India 2014: 9 Tracks, 40+ Speakers And 7 Workshops
Oppo R5, The Slimmest Smartphone Ever Launched!
Insecticides (India) Limited Reports 66 Per cent Rise In Q2 Net Profit At Rs 229.2 Million; Board Recommends Bonus Share
 
 
 
     
     
     
     
     
     
Most popular
 

Daily

Weekly

Canonical Releases Ubuntu 14.10!
Wipro To Hire 10,000 People For Open Source Program! Apply Here...
Top 10 Programmers Of All Time!
MongoDB Recognized As The Only “Challenger” In The Gartner 2014 Magic Quadrant For Operational Database Management Systems
Ebola Virus Reaches Internet World In Form Of Cyber Attacks!
Android KitKat Vs Lollipop: Here's The Difference!
Samsung Launches Galaxy Mega 2 Smartphone In India
Diwali Disocunt Offer On 10 Smartphones From Top Brands
Innovation Direct At Forefront Of Marketing Efforts For Ferris Emergency App Invention
TCS Focusing On Softskills Development Of Employees
Must-Follow Tips While Buying Online!
Know The 10 Possibilities In The Future Programming World
New White Paper From Boyd Corporation Discusses Noise And Vibration Analysis And Control
ASSET InterTech And Mentor Graphics IJTAG Interoperability Empowers Two-Way Validation Flow Between Chips And Boards
Google's New Inbox Enriches Email Experience
10 Best Mobile App Analytics Platforms
 
   

Overall

Agility Systems Deals in:

Document Management System for law firms
Features
10 Things You Need To Do After Installing Ubuntu 14.10
Here we'll talk about the most important 10 things which you can't miss out, after installing the latest Ubuntu version....
10 Best JavaScript Libraries For Data Visualisations
Here is a list of top 10 JavaScript libraries for web projects....
9 Excellent Free Code Editors For Android
There are tons of code editors available in the market for Android programmers but it's not always easy to choose the right one. So here we have liste...
10 Useful Bootstrap Editors To Build Responsive Websites
Each editor is different but all of them feature some drag and drop facility through a huge library of components. ...
10 Tips For Developers To Speed Up Websites
The easiest way is to reduce HTTP requests, which can be done through front-end development....
Top 10 Free Rich Text Editors For Developers
There are tons of rich text editors available on Internet but you need to find out the best ones to improve your development skills....
10 Best Tools For Creating And Prototyping Mobile Apps
Here we'll provide a list of 10 best available resources to help you in creating websites, web apps and mobile apps which can be used for prototyping ...
10 Hottest Skills An IT Professional Requires In This Demanding Market
With the fastest growing IT industry, required IT skills are also growing at the fastest possible way. Take a look at the top 10 list here....
8 Best Markdown Editors With Support To Google Drive, Dropbox
The likes of Google Drive always don't support Markdown documents which causes huge pain for the users but thanks to those tools which come in to fill...
Boost Security Of Your WiFi Network With Kali Linux: Learn Three Major Steps
Its toolkit allows you to crack Wi-Fi passwords, create false networks and detect vulnerabilities. ...
10 Best Mobile App Analytics Platforms
These tools will tell you how to measure the basics like installs, rankings, revenues, purchases and competitor rankings and how to deal with issues ...
Know The 10 Possibilities In The Future Programming World
The coming years of programming hold several predictions and you should be well aware about how the world of technology is likely to evolve in next fi...
Top 10 Programmers Of All Time!
Here we will recall 10 greatest programmers of all time and their immense contribution....
Top 8 Books On Hadoop Technology
Let's discuss 8 best books to learn Hadoop and how to get started with it....
20 Tools And Resources For Building And Testing Regular Expressions
Here we'll provide a list of 20 best tools and resources which will help you in writing regular expressions in a more streamlined way....
 
  View All
Dialogue
 
10 Questions That Google Never Asks While Hiring!
Here is a list of 10 questions that Google just banned from their interviews....
For Enjay, Open Source Technology Is A Way Of Life
An entirely open source-based company, Enjay IT Solutions, has built itself a reputation in the OSS domain....
Switching To Tizen Doesn’t Mean We Are Abandoning Android: Samsung
The company has worked to build Tizen up from scratch and has now introduced it to developers and the general public with its latest range of wearable...
Venturing Into The Cloud? Develop A Customised Cloud Strategy First!
Diksha P Gupta speaks to Rushikesh Jadhav, cloud evangelist, ESDS Software Solution Pvt Ltd, on how the cloud has changed the way compan...
HTC Is Strong And There Are No Plans Of Sale Now Or In Future, Says HTC's Senior Director-Marketing
Atithya Amaresh from EFYTimes had an exclusive chat with Sirpa H. Ikola, senior director, Marketing, South Asia, HTC about its devices and its plans w...
   
  View All
Videos
 
First Look: LG Optimus G
The phone sports a high-end display and comes powered by a powerful processor. ...
Create QR-Codes For Free
TEC-IT releases the freeware QR-Code Studio to provide a quick and convenient way of QR code creation for every application scenario....
DoT Secretary Shares Plans For Growth Of Telecom Sector
M.F. Farooqui has recently taken charge as secretary, Department of Telecom....
Hands-On: Sony Xperia Z
Xperia Z is Sony's first entrant model in the big-screen smartphone category. ...
Hands On: Videocon A30 Smartphone
Videocon, the consumer electronics company which is known for its refrigerators, washing machine and air-conditioner has unveiled its Android-based sm...
   
View All
   
 
IFA 2014
 
IFA 2014: LG Launches 34-Inches Curved Monitor
The company is yet to confirm price and availability of the device....
IFA 2014: Intel Launches First Core M Range Of Processors
This range of processors is tailor-made for 2-in-1 devices which include a tablet and a laptop....
MWC 2014: Tablet Lets People Feel Textures On Its Screen
Now feel what you see on your tablet, by way of ultrasonic waves....
MWC 2014: 4K Android Tablet Games To Kill Consoles, iPad
Tablet makers like Samsung want to beat the iPad by making 4K tabs. ...
MWC 2014: This Vodafone Backpack Helps Get Network In Disaster Situations
Two engineers of Vodafone New Zealand displayed the "mini" mobile network by Vodafone substructure in a backpack. ...
MWC 2014: Wilocity Chipset To Bring 'Lightening' Speed To Mobile Phones
Wilocity has developed a WiGig chipset for mobile phones that will bring lightning-fast wireless capability ...
MWC 2014: Samsung Introduces Octacore, Hexacore Chipsets
The Korean giant, Samsung unveiled two new octacore and hexacore chipsets at MWC 2014, in Barcelona. The company previously used Exynos 5 Octa 5410 ch...
   
View All
   
 
Events
 
19th Consumer Electronic Imaging Fair To Be Held On ...

View All
   
   
 
 

home archives contact us advertise with us
           
Magazines Portals Directories Events News Verticals Educational Institute  
Electronics for You
Open Source for You
Electronics Bazaar
electronicsforu.com
efytimes.com
opensourceforu.com
electronicsb2b.com
Electronics Annual Guide
EFY EXPO INDIA
EFY EXPO WEST
ELECTRONICS ROCKS
EFY Awards
OSIDAYS Expo
Electronics
Infotech
Linux & Open Source
Consumer Electronics
Science & Technology
BPO
EFY Techcenter

Educational Kits
Kitsnspares.com  
 
 
© Copyright 2014 EFY Enterprises Pvt. Ltd.
All rights reserved. Reproduction in whole or in part in any form or medium without written permission is prohibited.
Usage of the content from the web site is subject to Terms and Conditions