It is extremely difficult to develop and deploy software that is reasonably secure, and impossible to develop and deploy software that is invulnerable to attack. Reconcile yourself to the fact that you application may be subverted, and plan accordingly.
Do not stop thinking about the security of your application when you have deployed the final product, or even when the system administrator has completed the configurations and users are making use of the functionality. The impact of security lasts as long as the life of the application itself; you should be prepared to monitor for security breaches, and have a plan in place to deal with them.
An effective weapon against hacking is education; you should ensure that your customers understand how you have applied security within your application, assist them in understanding how to recognize an in-progress attack, and how to tell when a hacker has bypassed or subverted your application security. You should aim to build a relationship with your clients that makes it possible for them to report security problems to you, and endeavor to respond to such reports in a responsible and sensible manner. We believe that as a publisher of software, your responsibilities include:
If you are successful in establishing a way in which customers can report security attacks and defects, you have a responsibility to use this information to assess the impact of potential problems and act to reduce the risk to your customers and users.
You should portray the security software techniques you apply to your applications in an accurate and honest manner, and not make unreasonable or unlikely claims. You should educate your customer, ensuring that they understand that no security precautions are impervious to concerted attack, and help them to develop a plan of action to execute in the event of a successful subversion of your security measures. Such a plan should contain a reasonable approach to assessing the impact of the attack and steps to take to restore the application to service.
Your customers can benefit from knowing how other customers are being attacked and whether those attacks are successful. This information will allow for an informed assessment of the security risk as it affects their wider enterprise. We recommend that you should be open and transparent in your handling of security matters, and make as much information available to your customers as possible.
You should use the customer reports you receive to identify security defects in your application, and issue updates or workarounds quickly, effectively and, ideally, without charge. Security defects are unlike other software defects and can expose your customer to a wide range of risks, beyond the compromise of your application; a clear and concise security fix policy can only enhance your reputation as a software publisher, and will help you to build a more stable and secure application.
Companies that understand security to be a necessity publish the software products that we consider trustworthy. These companies accept the inevitability of security defects being discovered in their products, and they act quickly and decisively to provide solutions to their customers. We strongly recommend that you do the same for your customers.