SJConsultant
2[H]4U
- Joined
- Jan 14, 2004
- Messages
- 3,599
Suffice it to say, two of my small business clients use the same software package to manage their business. Sadly though the software fails miserably at protecting the financial information contained within the database. Worse yet, this particular franchise is nationwide with potentially thousands of customer financial information at high risk.
I am currently writing an analysis paper on the security flaws to submit to the corporate offices of this particular franchise. In the meantime I'd like to hear from anyone who has experience in dealing with such matters and what steps are recommended in alerting not only the software vendor, franchise corporate offices, but also what kind of timeline should be set before making the information public.
Also of interest are any agencies or groups such as CERT who would most likely be interested in this information.
I am currently writing an analysis paper on the security flaws to submit to the corporate offices of this particular franchise. In the meantime I'd like to hear from anyone who has experience in dealing with such matters and what steps are recommended in alerting not only the software vendor, franchise corporate offices, but also what kind of timeline should be set before making the information public.
Also of interest are any agencies or groups such as CERT who would most likely be interested in this information.