Offering the flexibility of online education and support for military students.
Every day, talented individuals are proving it's never too late to think about the future.
Learn more about becoming an international student at US-based and accredited Kaplan University.
Learn about transferring your previously earned college credits to Kaplan University.
We have partnered with many employers and educational institutions to provide their employees and students with education opportunities.
Corporate and Academic Partners
Kaplan University is dedicated to the support, engagement, and involvement of our graduates.
Resources for current Kaplan University students.
We have 15 ground locations across the country. Explore our locations to see if we're in your neighborhood.
Learning Center Experience
August and Rhonda G. Chicone
recently read an article by one of my colleagues (coauthor of this article) that
asked whether software developers were the Achilles’ heel in regards to
Because we are both software developers and educators, we decided
to answer the question. Yes, software developers are to blame for insecure
software, but not entirely. Typically, software is not created by just one person;
it is a collaborative effort, requiring input from many individuals within an
organization, the requirements typically come from customers and/or
stakeholders. A good example of a stakeholder is a marketing department. A
business analyst or requirements engineer will prioritize the requirements for
the features of the software system. A schedule is then put together. The
software development team is monitored to be sure the requirements are met when
creating the software system. Finally, the software quality assurance team will
verify that the requirements have been met.
time during this process, individuals have the opportunity to ask about the
security implications of a feature for the system. The best time to bring up
such concerns is when the feature is first proposed. So, we place the blame on
the entire team, not just the software developer.
a team solution; everyone involved in the project has an important role and
responsibility to play when it comes to secure software development practices. The
organization has to make security an essential part of the software development
life cycle starting at inception. Security implications and concerns need to be
considered during every step of the life cycle, which includes the requirements
phase, the software design and implementation phases, and the testing and the
maintenance phases. Mind you, it doesn’t matter what software process
methodology (waterfall or agile) an organization is using, as security needs to
be a part of the organization’s culture. Security should be one of the goals of
the system as opposed to an afterthought or an oversight. The stakeholders may
not know the technical solution that is needed, but they should have their eyes
on the bigger picture and recognize the need for secure software systems. Also,
an organization should strive to hire the best people it can find. In addition,
organizations should use tools to communicate, collaborate, increase
productivity, and monitor progress of ongoing projects.
developer is responsible for creating software that will operate in a safe and
secure manner. The environments that software runs within have changed quite a
bit with the advent of mobile and cloud computing. Can one person be expected
to know all of the intricacies?
software team, there are different levels of expertise. The junior members are
often mentored by the more senior members. The technical lead and architect should
emphasize security in every solution they design. It should always be a design
are well-known techniques that can help to improve the quality and security of
software systems. As a leader, the technical lead architect should inspire the software
development team to get on board and excited about using these techniques, as
they will go a long way toward solving the security issues.
software architect is the most technically seasoned member of the team. It is
the role of the architect to lay out the original solution. This design will be
at the core of the entire system. The initial design sets the pattern for the
rest of the team to emulate. Create an
example of validating input and handling various types of software exceptions
(otherwise known as exception handling). Take the time to teach the team. The
architect needs to be aware of best practices and what technologies can be used
to solve the problem at hand.
to accomplish this is to make use of best practices. These are known ways to
solve a similar problem. These are called design patterns. Can one person know
about all of these? It takes time to become a seasoned software developer, so take
advantage of those who came before you.
way to produce secure software is to make use of proven frameworks. Frameworks
are special libraries of software routines. These special libraries are written
by software companies that specialize in specific areas. The software company
provides a reusable well-defined interface for software developers to use.
frameworks have already integrated many security features.
standards help to ensure interoperability. In some cases, the software systems
may have to communicate with other software systems. Standards can be used in
this case. They are specifications to common problems in software engineering.
There are hundreds standards in the computer industry.
the software development team creates should adhere to naming and style
conventions. These conventions can be defined by the software development team.
What is important is that the code is uniform, and that the coding standards
are agreed upon and used by every software developer. In addition, code reviews
can be very beneficial to a software development team. Reviewing is when a completed piece of code is
examined by another software developer. It is similar to peer reviewing and it helps
find issues that the original software developer may have missed.
of the experience of the software development team, it is crucial to emphasize
the need for security within the software development process. Everyone
involved in the process must own the fact that security is a goal. Once
software security becomes a goal, the culture of the team or organization will
start to change. Software developers will strive to consider security in every
solution they create thereby reducing cybersecurity risks.
Interested in this career? Check out Kaplan University's IT resources here.
August and Rhonda G. Chicone are professors at Kaplan University. The views
expressed in this article are solely those of the authors and do not represent
the view of Kaplan University.
KU Facebook Page
KU Twitter Page
KU YouTube Channel
KU Google+ Page
KU LinkedIn Page
KU Pinterest Page
KU Instagram Page
Registered User Login
Student Consumer Information
LEARNING AT KAPLAN UNIVERSITY