A presentation on security incidents that lead to customer data breaches, which have been happening at an increasing rate: from the latest Anthem Blue Cross breach, to Target, to Home Depot, to breaches including the MongoHQ incident that led to the BufferApp compromise.
Video is at:
https://www.youtube.com/watch?v=dj196NhPyWs&list=PLqZY2tk6rSRl8tS4zmgxijjw35lRe-Ptk&index=2
Event meetup page:
http://www.meetup.com/nashrb/events/217795882/
Resource for finding out state laws on data breaches:
http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx
History has taught us that waiting until a software project is complete and then bolting security on through security software or network security countermeasures is not effective enough. To have a chance of building a secure system, a team needs the active support of developers, and the organization needs to adopt a written information security policy that influences business model decisions and the user story writing workshop. It's not just about code, and most non-developer stakeholders truly do not have enough knowledge to make informed decisions without the help of the developers. That means developers need to be aware of basic legal requirements and be able to communicate these issues during the planning process.
Frank is the CEO of a development agency with team members in Nashville, TN, and in Atlanta, GA. Rietta works primarily with startup companies that are building out their web app and infrastructure.
Whenever you’re considering the security of a system, ask three questions:
1. Secure against what?
2. What is the worst thing that can happen?
3. Compared to what alternative?
You can learn more about Rietta at https://rietta.com
Frank is on Twitter at https://twitter.com/frankrietta
This presentation was given on Thursday, February 5, 2015, at the Nash.rb meetup in Nashville, Tennessee.