Insufficient Website Security Results in Overwhelming Security Hacks, Highlights Ovum
According to one recent research named "Web Security Report" that Ovum the analyst company conducted, creators of websites aren't assigning sufficient importance to the security of websites and software, thus allowing overwhelming security hacks against several reputed organizations lately, so published Newsmaker.com.au dated August 22, 2011.
In fact, creators of websites and Web-applications are assigning excessive importance to the latter's appearance, convenience for access and speed, referred to as "cosmetics," while not sufficiently paying attention to developing secure code, thereby causing websites and software to be susceptible to hackers.
In a remark by Ovum analyst Andy Kellett, who also wrote the report, it's evident that during the last 3-years, malware targeted several reputed firms along with their web utilities. Some such firms were RSA, Sony as well as certain financial institutions, which suggest the possibility of even highly respected companies getting compromised, according to Kellett. Newsmaker.com.au published this.
Kellett added that indeed not sufficient emphasis had been assigned to the necessity of developing safe code as well as delivering an infrastructure that was robust.
Consequently, over the past 3-years, a maximum of 70 of the 100 most high-profile websites had either harbored malware alternatively had featured diversions onto illicit websites, Kellett outlined elsewhere that ZDNet.com.au published on August 22, 2011.
Meanwhile, Ovum's research paper outlined the consequences caused from operating a weakly-protected website. According to it, such websites exposed organizations to dangers of financial loss therefore there was a requirement for enhancing security from other websites which had gotten contaminated.
Further according to the report, certain corporate websites continue to be easily contaminated as they stand for malware authors' soft targets when the former seek services which they're able to manipulate for fulfilling their own requirements. Incidentally, the chief security flaws, which websites encounter, remain SQL-injection and Cross-site Scripting flaws, in spite of the wide knowledge vis-à-vis data security.
Hence, as an advice, Ovum suggested placing more importance to writing secure code, doing penetration and code testing, no matter what the expenditure was. Furthermore, real-time inspection as also evaluation of websites wholly must be conducted for making sure that end-users were secure.
» SPAMfighter News - 29-08-2011