Here at Acme, we have published our apps to our InTRAnet. Now the great Kahuna has said, "You will publish the new app to the Internet."
We plan to delete everything that is not compiled before we publish it. So we won't leave code in cleartext. Also, we have the sql commands going to stored procedures. So a nefarious user could not inject sql.
What else should we do? We aren't responsible for the network as a whole, just for making our own app secure. It uses asp.net + crystal reports.
We plan to delete everything that is not compiled before we publish it. So we won't leave code in cleartext. Also, we have the sql commands going to stored procedures. So a nefarious user could not inject sql.
What else should we do? We aren't responsible for the network as a whole, just for making our own app secure. It uses asp.net + crystal reports.
