security-doc/security-guide/source/introduction/selecting-supporting-software.rst

Selecting supporting software

Your selection of supporting software, such as messaging and load balancing, can have serious security impacts on your cloud. It is important that you make the proper choices for your organization. This section provides some general guidelines for selecting supporting software.

In order to select the best supporting software, consider these factors:

• Team expertise
• Product or project maturity
• Common Criteria
• Hardware concerns

Team expertise

The more familiar your team is with a given product, its configuration, and its eccentricities, the fewer configuration mistakes are made. Additionally, having staff expertise spread across an organization increases availability of your systems, allows segregation of duties, and mitigates problems in the event that a team member is unavailable.

Product or project maturity

The maturity of a given product or project is critical to your security posture. Product maturity has a number of effects after you deploy your cloud:

• Availability of expertise
• Active developer and user communities
• Timeliness and availability of updates
• Incidence response

Common Criteria

Common Criteria is an internationally standardized software evaluation process, used by governments and commercial companies to validate that software technologies perform as advertised.

Hardware concerns

Consider the supportability of the hardware on which the software will run. Additionally, consider the additional features available in the hardware and how those features are supported by the software you choose.