Numerous enterprises have a corporate security policy, but it is not always referenced when IT selects end-to-end business application security measures. The application's overall importance is often overlooked as the IT staff focus on more technical concerns. Enterprises should consider the following recommendations to ensure appropriate security measures are selected and implemented.
- Ensure IT complies with corporate security policy direction.
- Establish the application's security based on its corporate importance.
- Review the impact of a security breach with executives and legal counsel.
Effective business application security complies with corporate security policy, takes into account the application's importance, and considers any potential liability resulting from a security breach.