ABSTRACT
ONCE SOFTWARE HAS BEEN formally accepted by the customer or client, it is ready to be installed or released but the installation and deployment process itself needs to be performed with security in mind. Just because software was designed and developed with security in mind, it does not necessarily mean that it will also be deployed with security controls in place. All of the software assurance efforts in designing and building the software can be rendered futile if the deployment process does not take into account security. In fact, it has been observed that software face hiccups when it is installed and decisions such as allowing the software to run with elevated privileges or turning off the monitoring and auditing functionality adversely impact the overall security of the software.
