This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

Web application security environment

For most organisations it is a complex task, requiring specialist skill, to develop a comprehensive security environment encompassing strategy, guidelines and policies, as well as the processes, methodologies and standards for the design, development, testing, deployment and maintenance of applications.

We work with organisations to understand their risk profile and to ensure the policies essential to ensuring security are in line with the business requirements.  With our detailed understanding of the technology and products available we work to ensure an organisation’s proposed architecture can be implemented, is cost effective and manageable.

Our consulting services extend to:

• Developing application security strategy
• Developing frameworks, standards, guidelines and policies
• Performing application security business risk assessments
• Assessing application security data protection requirements
• Designing and reviewing secure lifecycle development.

In more detail:

Application security strategy
We consider each of the application security objectives for an organisation in order to deliver a high-level business document covering technology and application strategy. We incorporate technical details in supporting documents including Application Security Framework Standards, Technology Guides, Architecture Platforms and Application Security Roadmaps.

We also work with organisations to regularly review and update the Application Security Strategy as a ‘living’ document to ensure new technologies or changes can be revisited and adopted as required.

Application security framework
We can provide your organisation with a clearly defined and formally documented organisation-wide Application Security Framework with proven and repeatable processes and methodologies for successfully incorporating security into application design, development, testing, deployment and maintenance.

Application security standards
Our Application Security Standards provide a basic methodology and criteria for developing applications within your organisation. They cover, in sufficient detail, common industry standard security controls so that your developers, project managers or application design architects can easily adapt the controls identified within the standards to your application environment.

We ensure the security controls documented are technologically ‘agnostic’, that is, written at such a level that they can be implemented regardless of the technology involved.

Secure lifecycle development
We can recommend a secure lifecycle development process to ensure that, from day one, your application identifies and addresses security concerns.

 

Share

 
Follow us

Share on facebook Facebook Share on twitter TwitterShare on linkedin LinkedinShare on youtube YouTubeShare on rssRSS



 © 2013. See Legal for more legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.

 

Talk to us

                                                

More on Deloitte

 


About us