Click here to Skip to main content
15,124,861 members

Survey Results

Who is responsible for a software system's security?

Survey period: 24 Oct 2016 to 31 Oct 2016

A hardcoded password, a SQL injection, a system with a known issue, or not changing the default password. There can be lots of fingerprints on that knife.

OptionVotes% 
The user using the system51214.74
The person who recommended the use of the system1975.67
The person who installs the system45713.15
The developer who built the system80223.09
The person who decided on the default settings of the system50914.65
None of the above2,51572.39
Respondents were allowed to choose more than one answer; totals may not add up to 100%



 
GeneralJust to show how things can be complicated... Pin
Kornfeld Eliyahu Peter29-Oct-16 8:34
professionalKornfeld Eliyahu Peter29-Oct-16 8:34 
GeneralDesigner/Architect Missing Pin
cjb11026-Oct-16 21:41
Membercjb11026-Oct-16 21:41 
GeneralEveryone Pin
Marco Bertschi26-Oct-16 2:15
professionalMarco Bertschi26-Oct-16 2:15 
GeneralMissing Option Pin
Nathan Minier25-Oct-16 2:46
professionalNathan Minier25-Oct-16 2:46 
GeneralLegally? The owner of the product Pin
Eddy Vluggen25-Oct-16 2:09
professionalEddy Vluggen25-Oct-16 2:09 
GeneralRe: Legally? The owner of the product Pin
AlexCode25-Oct-16 22:17
professionalAlexCode25-Oct-16 22:17 
GeneralRe: Legally? The owner of the product Pin
Eddy Vluggen25-Oct-16 23:20
professionalEddy Vluggen25-Oct-16 23:20 
GeneralRe: Legally? The owner of the product Pin
AlexCode25-Oct-16 23:53
professionalAlexCode25-Oct-16 23:53 
GeneralRe: Legally? The owner of the product Pin
Eddy Vluggen26-Oct-16 0:05
professionalEddy Vluggen26-Oct-16 0:05 
GeneralShort answer - All Of The Above! Pin
Erik Burd24-Oct-16 8:25
professionalErik Burd24-Oct-16 8:25 
PraiseRe: Short answer - All Of The Above! Pin
Anurag Gandhi24-Oct-16 21:28
professionalAnurag Gandhi24-Oct-16 21:28 
GeneralRe: Short answer - All Of The Above! Pin
irneb24-Oct-16 21:41
Memberirneb24-Oct-16 21:41 
GeneralRe: Short answer - All Of The Above! Pin
ISanti24-Oct-16 22:16
MemberISanti24-Oct-16 22:16 
GeneralRe: Short answer - All Of The Above! Pin
Karthik_Mahalingam9-Nov-16 18:48
professionalKarthik_Mahalingam9-Nov-16 18:48 
GeneralSecurity is "Job Nummer One" for everybody Pin
KarstenK24-Oct-16 7:47
mveKarstenK24-Oct-16 7:47 
GeneralDevelopers, developers, developers, (and only partly developers). Pin
OriginalGriff24-Oct-16 6:27
mveOriginalGriff24-Oct-16 6:27 
GeneralRe: Developers, developers, developers, (and only partly developers). Pin
Nelek24-Oct-16 6:34
protectorNelek24-Oct-16 6:34 
GeneralRe: Developers, developers, developers, (and only partly developers). Pin
Philippe Mori24-Oct-16 7:49
MemberPhilippe Mori24-Oct-16 7:49 
GeneralRe: Developers, developers, developers, (and only partly developers). Pin
Nelek24-Oct-16 23:38
protectorNelek24-Oct-16 23:38 
GeneralRe: Developers, developers, developers, (and only partly developers). Pin
Slacker00726-Oct-16 0:04
professionalSlacker00726-Oct-16 0:04 
GeneralHackers Pin
snorkie24-Oct-16 5:30
professionalsnorkie24-Oct-16 5:30 
GeneralRe: Hackers Pin
Philippe Mori24-Oct-16 7:53
MemberPhilippe Mori24-Oct-16 7:53 
GeneralIf a user want some level of security, he should make it clear Pin
Philippe Mori24-Oct-16 3:53
MemberPhilippe Mori24-Oct-16 3:53 
For example, if you develop a web site for a client, then that client has to specify that he wants a secure web site.

Obviously, if the site allows to make financial transactions or keep informations that are really confidential (like credit card numbers), those who are responsible for the development should take appropriate actions.

For anything in between, it should be specified in the contract if the user want a given level of security and obviously the cost of building the system should be adjusted to implement and validate desired security level.

Obviously, a programmer should follows good programming practices like using parametrized SQL queries, storing hash for passwords and using secure RTL functions to reduce the possibility of systems being compromise by taking advantage of that.
Philippe Mori

GeneralRe: If a user want some level of security, he should make it clear Pin
Nelek24-Oct-16 6:21
protectorNelek24-Oct-16 6:21 
GeneralRe: If a user want some level of security, he should make it clear Pin
Philippe Mori24-Oct-16 7:43
MemberPhilippe Mori24-Oct-16 7:43 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.