Steve Jobs can ban Flash on Apple products, Google can discontinue support for IE6 or 7, but how many of us can dictate the minimum requirements for accessing our websites?
I wasn't surprised when one of my clients gave me the requirement that their new state-of-the-art financial portal must support IE6, in addition to supporting every other browser out there, including those on the iPad and iPhone. The senior executive wasn't shy about it when he said that we would support IE6 as long as there was at least one client using it. It sounds great from a customer service perspective, but does it really make sense from your organization's security standpoint? And so far we are only discussing browser versions. How about the long list of protective (?) software on workstations, like firewalls, antivirus, anti-malware, and anti-spyware? What about the browser extensions? Are they providing protection or stealing data? What's at stake here? Is it not your organization's good name and your clients' trust?
We all know how much money and effort goes into fortifying the web infrastructure, but client workstations have remained the soft underbelly that hackers target. It is about time that we introduced an industry client-side standard for securing the future of e-commerce!