Home Services About Us Information Sign In
Services:Web Application Development :Technology:Security:

Eliminate Default Accounts


Eliminate default admin and other known accounts in your software (e.g. sa in SQL Server, system in Oracle, admin in Access)

Donít give any user more than the minimum privilege he needs

Handle error messages and donít give away programming details in error responses

Apply appropriate vendor patches to the operating system, database, web server and any other software involved in delivering your application, in a timely manner. Often this involves response within twenty-four hours of notification. For hosted applications, a responsible hosting provider will apply these patches. Specify appropriate responsiveness in any Service Level Agreement.

Protect access to your web server files carefully. FTP and database access must be protected with strong passwords and encryption.