--Originally published at Security blog
Starting the security course! This is the second time I find myself in a course that involves student blogs, and last time it was great, because I could learn many things without the common stress of the traditional grading system, and I feel that gave me some freedom to work at my pace.
Anyway, we’re talking about security here. Being the students we are, we have rarely thought about the security of our projects. We only think about getting the work done and handed in time, as no professor will try to destroy or steal important information from it. Thing is, in the real life, there are many (really, MANY) people trying to steal information, identities, trying to send false email and offensive merchandise, sort of. One would think that there is no people who are exclusively focused on breaking down the security, trying to steal data and use it for their good (or their bad), but the stunning truth is that there is a lot of people trying to do that, at all times!
I began to work in a company in my beloved León this summer. The company is Kiin Energy, an energy company whose main product are solar panels. I arrived there by recommendation of a friend, and searched me to start in an app development project. So this guy, also is a IMT, is in charge of the systems maintenance. He told me that he had a big problem, because some russian guy (really) hacked their server and got a lot of mails from clients. The boss was completely mad, and my friend had to carry on with that. With this experience, I began to understand how important can security issues be.
We began talking about the CIA/AIC triad, a guideline on which standards must be
