> discussing it the other day with someone and they requested
> some documentation so that they can show their boss. The
> guy wants to go to a separate SQL server but the boss
> won't let him until the cost is justified.
I don't really have any formal documentation handy for this, but you can
pick up any book on web application security and it'll be in there
somewhere. As for whether the cost is justified, it's often hard to perform
cost-benefit analysis until it's too late.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
