We at BSM Development have been involved in securing software and systems since the mid-seventies. This extensive experience and first-hand knowledge of what can happen if security is breached has led us to become very conscious about security. That famous quote about, "Just because you aren't paranoid doesn't mean they aren't out to get you" is even more applicable in this day and age. Sadly, what you don't know will hurt you. Let us bring our suspicious and untrusting nature to bear on your security problems, thereby to assist you in plugging those security holes before the bad guys get in. Trust us. You don't want to be locking the barn door after this horse has bolted.
If you would like BSM Development to apply its comprehensive understanding of security problems and solutions to your systems or products under development, please contact BSM Development and describe how you think we can help you, along with your contact information.
In the early days, simple password protection of certain files was all that was needed to secure systems and software. Recognizing the importance of security, even at that early point in time, we were there to implement password protected files in the Operating Systems of the day. Although it was difficult to patch the OS to invoke our security modules and protect the files from unauthorized opening and closing, we felt that it was neccessary to have some security protection on a system that originally had none at all. Thus the reason for modifying the OS. Fortunately, the bad guys were just as unsophisticated as we were and there was no need for heavier security. Wouldn't you give your right arm for those good, old days?
Nowadays, literally billions of dollars in wasted productivity are lost to security breaches attributable solely to malicious viruses. Think what could happen if a bad guy was intent on breaking into your system and actually stealing business secrets or doing serious damage instead of just being annoying in a feeble attempt to prove his manhood. You could be in for some major down time or loss of valuable information.
There is an ever-expanding array of solutions to the ever-expanding list of security problems (see the CERT Coordination Center for more information). BSM Development has experience with state-of-the-art security techinques such as packet filtering, fire walling, Virtual Private Networks, secure data exchange channels and validation techniques that can be applied to your systems to make them less vulnerable.
We are the authors of an email virus filtering package (did you know that most viruses make their way into the systems they infect via email messages) that can be used at the system level to remove viral material from email and notify your users of suspicious mail. We have also produced a email filter validation suite that can be used to test the effectiveness of your mail filters against known, problematic mail messages. This practical experience gained in the trenches of the email virus war can be applied to make your systems safe.
Good security doesn't happen by accident nor is it bolted on to a product as an afterthought. Rather, it is built into the software from the beginning. Here too, BSM Development can help you. In order to do any useful work, many programs must run with better than average priviledges. If the programmer isn't careful, the priviledges enjoyed by a program can be exploited by an outsider to their advantage. BSM Development knows the many pitfalls to avoid and how to check and double check what kind of work is being done by priviledged programs to avoid doing anything disallowed on behalf of the wrong people.
Securing data transfer and service requests is another area where BSM Development has knowledge that will be of value to you during your product development. We know how to use the latest in key exchange, encryption and validation algorithms to ensure that you know whom you are dealing with, that they are who they say they are and that all data sent between yourself and them is protected from prying eyes. Our experience to date includes the use of public/private key encryption, digests using MD5, block cyphers and validation via nonces and secrets.
Finally, it is often through overlooking simple details that security breaches of an otherwise secure system or product occur. At BSM Development, we are never enamoured of high tech security solutions to the point where we cannot see the simple ways into a secure area. By identifying and eliminating the simple entry routes, we can prevent those really embarrassing moments when a 14-year-old kid breaks into your super-secure system just to show off to his friends.