Microsoft on Thursday announced the results of a study with Kingpin Intelligence into the security attitudes of both software development managers and the developers who work for them.
The study showed that, while both parties are passionate about securing code, achieving the required level of security in a typical software development environment can be hindered by time, staffing and budget constraints. However, the study revealed that environments using managed code exhibited considerably fewer of these issues.
When asked why security was important, managers said that protecting data was the strongest factor, followed by the prevention of unauthorised system access and ensuring end-user confidence.
The most common factor cited for prioritising security amongst developers was company reputation.
Of the more than 300 UK developers surveyed, 40 percent of those who work in unmanaged-code environments felt that time allocations from management are a barrier to developing secure code. Additionally, developers who work in unmanaged-code environments were a third more likely to cite their managers' difficulties in hiring new developers with sufficient skills in securing code as a hindrance.
Managed-code environments were seen by developers as key to improving the speed and security of the development process — yet 54 percent of developers said they have never had a chance to use such tools. Of those that have, 70 percent reported benefits such as easier code re-use, leading to quicker development times, which eases the time pressures that can so often hamper the creation of secure software.