Security policies and the software developer

A wide range of legal and regulatory issues surround Web software development, including the need to protect consumer information. A good set of security policies limit company exposure. Understanding and implementing good policies is therefore as essential as implementing SSL. In this article, we consider two simple questions: why should software architects and developers work with corporate information security policies and, just as important, how? But first, a disclaimer: by virtue of this discussion, we inevitably have to consider relevant state and federal laws and regulations. However, this article isn´t predominantly about the law and isn´t meant to render legal advice. Instead, we hope to understand how policy compliance plays a pivotal role in obtaining protection both under and from the law. This article doesn´t provide an exhaustive study of all the relevant laws, but we cited some sources of further information