Digital Edition

SYS-CON.TV
Forum Systems Touts Web Security
Beware of Unintentional Over-Engineering, Firm Cautions

Web services promise to automate business processes and give their adapters the speed and agility to exist and grow in their markets. But a web services strategy will fail if proper security processes are not part of the overall strategy, according to Forum Systems. The company, with offices in Sandy, UT and Waltham, MA, has developed a white paper that examines this situation.

“By automating change, businesses can adapt rapidly to customer needs and market conditions,” the paper points out. Customers can be served with unprecedented promptness. Partners can be assured of up-to-date information. Trading networks can reshape themselves through available optimized transactional alternatives rather than through lengthy, expensive custom application development.”

But web services, like all IT projects, are vulnerable to security threats, the company notes. “Web services were built for speed and convenience rather than safetym,” the white paper says. “By transmitting proprietary data over public networks and between distributed participants whose trustworthiness maybe unknown, and by automating processes that formerly took place under the watchful eye of management, Web services can very easily expose mission-critical business processes to attack, infiltration, and corruption.”

The white paper outlines a variety of potential threats, and encourages developers and IT managers “to assess the needs to be met and then to identify a solution hat best fits those needs, precisely and affordably. Enterprises should be wary of investing in generic, one-size-fits-all security solutions or solving a security challenge with a battery of costly and complex products.”

It points out that “such over-engineered solutions are difficult to maintain and may create their own set of vulnerabilities if features are neglected or poorly understood. Malicious users can take advantage of underutilized functions and turn the organization’s investment against itself.”

The white paper presents a detailed analysis of how web services developers and managers can best equip themselves against these security threats, posing many scenarios, approaches, and recommendations. It can be found at www.forumsystems.com

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018,...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news an...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
The now mainstream platform changes stemming from the first Internet boom brought many changes but d...
"We began as LinuxAcademy.com about five years ago as a very small outfit. Since then we've transiti...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO an...
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning te...
The Internet of Things will challenge the status quo of how IT and development organizations operate...
More and more companies are looking to microservices as an architectural pattern for breaking apart ...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-fo...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
Adding public cloud resources to an existing application can be a daunting process. The tools that y...
Organizations planning enterprise data center consolidation and modernization projects are faced wit...
Serveless Architectures brings the ability to independently scale, deploy and heal based on workload...
Let’s face it, embracing new storage technologies, capabilities and upgrading to new hardware often ...
CI/CD is conceptually straightforward, yet often technically intricate to implement since it require...