Data Security and Privacy with the Privacy Professor artwork

No Change Control is Like Playing with Fire in a Dynamite Factory

Data Security and Privacy with the Privacy Professor

English - February 19, 2019 08:00 - 56 minutes - 4.51 MB - ★★★★★ - 5 ratings
Technology News Tech News Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Backdoors in Cybersecurity Tools Gives Privacy Only to Outlaws
Next Episode: Is AI a Friend or Foe to Information Security and Privacy?

Increasingly more often over the past couple of decades, organizations have been eliminating software and systems change controls, often as executive decisions to save money. Too many are making changes in applications directly within the production environment, especially SaaS businesses, with complex and multiple services offerings. When separate test environments are not used, numerous risks are created for all involved, not to mention being compliance violations under many legal requirements.

What are the basic components that should be part of a change control management process? What are the risks involved when making changes to software code within production environments? How can doing insufficient testing lead to breaches, and lost client data and access to online services? What lessons can be learned about change controls from the Vanguard Rocket?

Rebecca discusses these and related issues with Dr. Dan Shoemaker in this episode.

Books Referenced