Print This Issue

One Step Ahead
March 25, 2008, Volume 54, No. 26

One Step Ahead

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.

Risks of End User Software Development

It is estimated that in 2005, in the US, there were 2.75 million professional programmers and 55 million end user software developers, i.e., people who had taught themselves to program. The trend began in the 1980s with spreadsheet software and continued with the advent of easy-to-use tools like FileMaker, PageMaker, and Visual Basic, to mention just a few.

End user software development tends to be cheaper and faster. Often, however, a downside is that it does not conform to the types of policies, rules, and standards professional programmers observe. The editor of IEEE (Institute of Electrical and Electronics Engineers) Software puts it this way:

“... we now have systems on the Web that dilettantes built in their spare time while holding down a job in marketing, accounting, hardware repair, or even medicine. They’ve given little if any thought to systematic testing, maintainability, design, and yes, security. These systems are available to the entire Internet community—geography and international borders no longer buffer our data from programming mistakes.”

If you are an end user software developer, consider getting a second opinion from your IT professional. There may very well be serious risks that you can’t see that experienced IT staff can help you identify and mitigate.


To receive weekly OneStepAhead  tips via email, send email to listserv@lists.upenn.edu with the following text in the body of the message:  sub one-step-ahead <your name>.

For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/.

Almanac - March 25, 2008, Volume 54, No. 26