Abstract:
A wide range of legal and regulatory issues surround Web software development, including the need to protect consumer information. A good set of security policies limits company exposure. Understanding and implementing good policies is therefore as essential as implementing SSL. In this article, we consider two simple questions: why should software architects and developers work with corporate information security policies and, just as important, how? But first, a disclaimer: by virtue of this discussion, we inevitably have to consider relevant state and federal laws and regulations. However, this article isn't predominantly about the law and isn't meant to render legal advice. Instead, we hope to understand how policy compliance plays a pivotal role in obtaining protection both under and from the law. This article doesn't provide an exhaustive study of all the relevant laws, but we cited some sources of further information.
Keywords:
consumer protection; security of data; software engineering; Web software development; consumer information protection; corporate information security policy; policy compliance; software legal aspects; Authentication; Computer hacking; Computer security; Data security; Information security; Law; National security; Privacy; Protection; Regulators; internet; policy; security; security policy; software; web software development