We have covered some security issues in previous chapters, but for some issues that seem to be frequently ignored, we need to cover them with a little bit more depth than the small info box in the middle of the text and see why they are such large issues when used improperly. While it might seem like a lot of work to implement all the things we pointed out in various warnings and info boxes, the smaller the attack surface you provide to your potential intruders, the better you will be in the long run. That said, unless you are working on deploying this system for a government agency, I expect that there will be some compromises but I urge you to strongly weigh the pros and cons for each otherwise you risk getting that dreaded midnight call about an intrusion.
Advanced security
Ironically, hardened systems usually take so much time to develop and deploy that they are often obsolete or provide marginal business value by the time they are in production environments, and due to their carefully assembled pieces, they are rarely (if ever) updated with a newer functionality, have patches applied to them quickly, or code improvements done on the source so it is a truly a double-edged sword. There is never a perfect solution, only a range of things you are comfortable with to some degree of dealing with. Historically, I have mostly seen horrible execution on either extremes of the fence so my advice here is that you look for a blend of the two if possible.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.