Issues, issues, issues...

Sep 27, 2007 10:15 GMT

Now, you have to look at things from multiple perspectives - you deploy some software to keep you secure, to take down threats, or to keep intruders away, but you probably won't consider the fact that the same software can make you vulnerable. Yeah, that's right - program flaws could help hackers take advantage of your machine, and security software is no exception. Regardless of how effective the protection offered by a certain AV or firewall is, that particular software may have a bug that can be exploited by hackers.

Of course, you can't tackle these problems by yourself - all you can do, as a user, is keep your software up to date; other than that, there's not much else. But what about the company's end of the bargain?

Well, as InfoWorld reports, there are 5 things that a company could do to improve the security of its software, and I'm not just talking about the ones that provide security solutions, I'm talking about all software vendors.

First thing is that they need to be open and to make communication easy - a lot of people find bugs and flaws, but if they don't know where to report them, these issues will never be disclosed. Then, there's the fact that all bugs need to be fixed at the same time - disclosing info about a bug and leaving it unfixed, while only patching up some other stuff, will make the program even more vulnerable.

Customers need to be notified of security issues in a fast and easy way.

Another thing that program developers should do is separate updates. Security patches are one thing, while feature updates are another.

Finally, the last idea explained by InfoWorld regards security fixes - notify people that a vulnerability has been disclosed and that it will be patched. Upcoming security fixes should be listed for all users to see.