Posted by Ruth Hoffman on Mar 06, 2006; 10:02pm
URL: http://ofbiz.116.s1.nabble.com/Users-OFBiz-application-security-tp137781p137782.html

Hi Robert:
Having seen this same tactic employed in many a sales situation,
especially when the opponent has nothing to loose. The first thing I
always did was go on the offensive by asking for some proof. All
Internet facing applications deal with pretty much the same security
challenges. These challenges are many and varied and for you and your
contact to start taking a defensive posture without having something
more specific than "OFBiz is not secure" is a no-win situation.

I worked for a number of software companies as a sales engineer and this
was a favored sales ploy used primarily when we didn't have anything
else to throw at the competition. If nothing else, it muddied the waters.

Just my 2 cents. BTW, I'd say without reservation, that compared to
other packages I've seen, the ability to configure the level of secure
access and perimeter controls is as good or better than most. And that
is what is most important - support for flexible configuration of:
authentication/authorization; user and session management; data
protection; transaction integrity; disaster recovery and the like - and
not any one specific feature or passing an audit.

Again, my 2 cents.
Ruth

Merrill, Robert wrote:
 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users