I Thought Security And ROI Are Nonsense When Used Together

How wrong I was (Security and ROI)!! My basic breakdown was like "OK, ROI is return on investment - how much do I get if I invest in deploying IPSEC? Well, not much - I definitely can lose a lot when not doing it but ROI - hmm?..."

Now take a look at this. MS started it's TwC (trustworthy computing) initiative in 2002 - that is a lot of investment until now.

Here is customer's quote from https://www.infoworld.com/article/07/04/06/HNwindowsmono_1.html:

"We knew we would only use Windows Mobile, and we waited for it because it's the platform we felt we could secure most easily and at the lowest cost," Perret [ed. - IT Remote Connectivity analyst at Chevron PetroChemical, a joint venture between parent company Chevron and ConocoPhillipsSP] said. "This process of adopting smartphones is all about extending your network onto a new platform and addressing the challenges of that platform, and we felt Windows Mobile presented fewer challenges."

Here is another quote from: https://www.macnewsworld.com/story/VgB95vj73xBmFI/Super-Sized-Apple-Update-Fixes-45-Flaws.xhtml

." Apple has received credit for fixing known flaws, but it may have to get more serious about security if it wants to take on Vista. "

 

So was it worthy to invest in security in terms of ROI? I think "Hell, yes!"

BTW, what your customers think about software you make in terms of security?

Concerned?

Go straight to https://msdn.com/SecurityEngineering

 

Enjoy.

Comments

• Anonymous
  April 18, 2007
  Imagine if security was cool like Silverlight .... But security is not that cool, so the biggest challenge