[Hidden-tech] errors & ommisions insurance for web designers - about security

Rich rich at on-the-net.com
Fri Mar 6 08:59:20 EST 2009

Previous message: [Hidden-tech] errors & ommisions insurance for web designers
Next message: [Hidden-tech] errors & ommisions insurance for web designers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This can be addressed from 2 perspectives:

1) Do your homework on such a site and include review of security 
issues, possibly by a security consultant,
(which the client should see as a paid for line item), and provide such 
review to the client.

2) Your contact with the client should absolve you of any responsibility 
for operations of the site, once you deliver it.

The point you raise is a good one - not from a legal perspective, so 
much as from an honest understanding that the net
is no longer a nice friendly place to be.  For our business we have gone 
beyond the point of watching for and securing
against hacking attacks -- now we expect constant attacks.  Our server 
logs show ongoing attacks on any moderately
visible site ongoing (esp from RO/RU/CN domains) pretty much all the time.

This argues for various measures once a site is live to monitor logs for 
odd activity, and using tested web frameworks, which
are being developed with security in mind. Where custom dynamic script 
code is written for a web site, always have it reviewed by another 
programmer, preferably someone with security programming experience.

BUT proper security is a much bigger and longer discussion.

Rich

Nancy Salwen wrote:
>  Thank you all for your feedback!
>
> What I gather from what most of you say, is that the cost of E&O makes 
> it unrealistic for my small sole-proprietorship and that in addition 
> it's probably unnecessary...  but do you worry about being held 
> responsible in the event of an e-commerce site that you've developed 
> being hacked and a customer (or customer's customer) losing money? 
> Maybe I just worry about things too much!
>
> Thanks,
> Nancy
>
> ______________________________
>
> Nancy Salwen
>
> nancy at salwen.net <mailto:nancy at salwen.net>
>
> http://www.salwen.net
>
> 603-357-4693
>
>
>

-- 
Rich Roth
CEO On-the-net

Bringing you complex online systems since the net was young
http://www.tnrglobal.com - http://www.on-the-net.com/rr/

Previous message: [Hidden-tech] errors & ommisions insurance for web designers
Next message: [Hidden-tech] errors & ommisions insurance for web designers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Hidden-discuss mailing list