1. What security features and controls are built into your product?
Every software product should include the following aspects:
- Basic security measures
- Security measures to ensure compliance with governmental regulations and privacy requirements (See the “Honorable Mentions” part)
- Software features
You need to be familiar with every new security feature, especially those that change how the product and its customers interact. Consider how two-factor authentication can slow down low-end devices each time a user opens a sensitive section of an app: it adds an extra layer of access control, but it also illustrates the usual trade-off between security and convenience.
Whether we are talking about applications, cloud services or devices, collecting and storing data safely is of paramount importance. Take username-and-password authentication: the server has to hold something it can check the password against, and that something must never be the password itself but a salted, deliberately slow hash of it, and the connection between the app and the server must be encrypted. Both the app and the backend storage therefore have to maintain a high level of data security.
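The following is an added example of the server-side part of that advice; it is not code from the original Cipher post. It uses only the Python standard library (PBKDF2-HMAC-SHA256 with a per-user random salt and a constant-time comparison); the iteration count, the record format and the in-memory user table are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Work factor for PBKDF2-HMAC-SHA256. The value is an assumption for this
# example; tune it so one hash costs roughly 100 ms on your own servers and
# raise it over time. It is stored in each record so old records can be
# upgraded later without forcing a password reset.
PBKDF2_ITERATIONS = 210_000
SALT_BYTES = 16
HASH_BYTES = 32
SCHEME = "pbkdf2_sha256"


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Return a self-describing record: scheme$iterations$salt_hex$hash_hex.

    A fresh random salt per user means two users with the same password get
    different records, and an attacker cannot use precomputed tables.
    """
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=HASH_BYTES
    )
    return f"{SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def _parse_record(record: str):
    """Split a stored record; returns None if it is not in the expected format."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return None
    try:
        return int(parts[1]), bytes.fromhex(parts[2]), bytes.fromhex(parts[3])
    except ValueError:
        return None


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and iterations, compare in constant time."""
    parsed = _parse_record(record)
    if parsed is None:
        return False
    iterations, salt, expected = parsed
    actual = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=len(expected)
    )
    # compare_digest does not leak how many leading bytes matched via timing.
    return hmac.compare_digest(actual, expected)


def needs_rehash(record: str, iterations: int = PBKDF2_ITERATIONS) -> bool:
    """True if the record was made with a weaker work factor than current policy."""
    parsed = _parse_record(record)
    return parsed is None or parsed[0] < iterations


def login(users: dict, username: str, password: str) -> bool:
    """Server-side login check against a constructed in-memory user table.

    On success, records hashed with an outdated work factor are upgraded on
    the spot: this is the one moment the plaintext password is legitimately
    available to the server.
    """
    record = users.get(username)
    if record is None:
        # Burn a hash anyway so an unknown user is not faster than a wrong password.
        hash_password(password)
        return False
    if not verify_password(password, record):
        return False
    if needs_rehash(record):
        users[username] = hash_password(password)
    return True


if __name__ == "__main__":
    # Constructed user table: what the server stores, never the passwords.
    USERS = {"alice": hash_password("correct horse battery staple")}
    print(USERS["alice"])
    print(login(USERS, "alice", "correct horse battery staple"))  # True
    print(login(USERS, "alice", "wrong"))  # False
```

The stored record carries its own scheme and cost, so the work factor can be raised in one place and old records migrate as users log in; a separate app-to-server channel (TLS, see question 2) is still required, because hashing protects the stored verifier, not the password in transit.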
Mobile devices are susceptible to unauthorized access to cached information because they tend to keep data that was meant to be short-lived for much longer than intended. Developers can mitigate the threat by having the app wipe its cache automatically every time the device reboots, or by requiring a password or PIN before the app's functionality can be used.
Anti-reverse-engineering mechanisms can save your business and reputation: if a malicious copycat of your product or service harms users, they will hold you responsible.
Developers must put controls in place that keep customer data records from being corrupted or disclosed as data enters and leaves the system. SQL injection and cross-site scripting are the classic examples: both arise when untrusted input is spliced into a query or a page without validation on the way in and encoding on the way out. The component that performs these checks should also be able to demonstrate that it does so (through logging and tests), so that the process itself can be validated.
Doug Tidwell, a software engineer at IBM, advised that “[t]o ensure that malicious scripting code is not injected into your page [during a cross-site scripting (XSS) attack], your best line of defense is to encode all variable strings before they are displayed on the page. Encoding merely means converting every potentially dangerous character to an HTML entity.”
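To make both defects concrete, here is an added example that is not part of the original post. It puts a deliberately vulnerable lookup next to a parameterised one against a constructed in-memory SQLite table, and a raw HTML template next to one that entity-encodes every variable string in the way Tidwell describes (the table, the sample rows and the payloads are constructed for the example).

```python
import html
import sqlite3
from typing import List, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three customers in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO customers (name, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com"), ("carol", "carol@example.com")],
    )
    return conn


def find_customer_vulnerable(conn: sqlite3.Connection, name: str) -> List[Tuple[str, str]]:
    # DELIBERATELY VULNERABLE: the caller's string becomes part of the SQL text,
    # so a quote in the input changes the structure of the query.
    query = f"SELECT name, email FROM customers WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def find_customer_safe(conn: sqlite3.Connection, name: str) -> List[Tuple[str, str]]:
    # Parameterised: the driver sends the value separately from the SQL text,
    # so the input can only ever be compared, never executed.
    return conn.execute(
        "SELECT name, email FROM customers WHERE name = ?", (name,)
    ).fetchall()


def render_comment_vulnerable(author: str, body: str) -> str:
    # DELIBERATELY VULNERABLE: user-controlled strings are dropped into markup as-is.
    return f'<p class="comment" data-author="{author}"><b>{author}</b>: {body}</p>'


def render_comment_safe(author: str, body: str) -> str:
    # html.escape converts & < > " and ' to entities, so the browser renders the
    # input as text in both the element body and the attribute value.
    a = html.escape(author, quote=True)
    b = html.escape(body, quote=True)
    return f'<p class="comment" data-author="{a}"><b>{a}</b>: {b}</p>'


if __name__ == "__main__":
    conn = make_db()
    payload = "' OR '1'='1"
    print(find_customer_vulnerable(conn, payload))  # every customer leaks
    print(find_customer_safe(conn, payload))        # []
    xss = "<script>alert(document.cookie)</script>"
    print(render_comment_vulnerable("mallory", xss))
    print(render_comment_safe("mallory", xss))
```

Note that encoding is context-specific: `html.escape` is right for element bodies and quoted attribute values, but a value placed inside a `<script>` block, a URL or a CSS rule needs the encoder for that context instead.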
Physical Security Breaches
Only 10% of North American developers (and only 4% of those employed by large companies) treat physical security as central to access control on mobile devices.
Truth be told, developers cannot prevent the theft of mobile devices. What they can do is implement a local session timeout that periodically asks users to re-enter their password before they regain access to the app.
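An added example of such a timeout (Python, not code from the original post): a small session store that expires a session after a period of inactivity and, regardless of activity, after an absolute lifetime, so that a stolen device eventually has to be re-authenticated. The timeout values and the controllable clock are assumptions made so the behaviour can be exercised without waiting.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional


class FakeClock:
    """Controllable clock for demonstrating the timeouts; production code uses time.monotonic."""

    def __init__(self, start: float = 0.0) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now


@dataclass
class Session:
    user: str
    created: float
    last_seen: float


class SessionStore:
    """Idle timeout: re-prompt after N seconds without activity.
    Absolute timeout: re-prompt after M seconds no matter how active the user is,
    which bounds the window a thief has on an already-unlocked device."""

    def __init__(
        self,
        clock: Callable[[], float] = time.monotonic,
        idle_timeout: float = 5 * 60,          # assumption: 5 minutes
        absolute_timeout: float = 12 * 3600,    # assumption: 12 hours
    ) -> None:
        self._clock = clock
        self._idle_timeout = idle_timeout
        self._absolute_timeout = absolute_timeout
        self._sessions: Dict[str, Session] = {}

    def create(self, user: str) -> str:
        """Start a session after the user has just proved their password; returns an opaque token."""
        token = secrets.token_urlsafe(32)
        now = self._clock()
        self._sessions[token] = Session(user=user, created=now, last_seen=now)
        return token

    def touch(self, token: str) -> Optional[str]:
        """Call on every access to a sensitive screen.

        Returns the user name and refreshes the idle timer, or None when the
        session is unknown or has expired, in which case the app must ask for
        the password again and call create() afresh.
        """
        session = self._sessions.get(token)
        if session is None:
            return None
        now = self._clock()
        idle_expired = now - session.last_seen > self._idle_timeout
        lifetime_expired = now - session.created > self._absolute_timeout
        if idle_expired or lifetime_expired:
            del self._sessions[token]
            return None
        session.last_seen = now
        return session.user

    def logout(self, token: str) -> None:
        self._sessions.pop(token, None)


if __name__ == "__main__":
    clock = FakeClock()
    store = SessionStore(clock=clock, idle_timeout=300, absolute_timeout=3600)
    token = store.create("alice")
    clock.now += 299
    print(store.touch(token))  # alice (still active)
    clock.now += 301
    print(store.touch(token))  # None (idle for more than 5 minutes)
```

The token is random and opaque; nothing about the user is derivable from it, and because expiry is enforced on the server side of the store rather than by a timer in the UI, it still holds if the app is backgrounded, killed or debugged.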
2. Do you encrypt data?
Developers often run into problems when integrating encryption into their applications. Nevertheless, data must be protected with well-supported, standard algorithms, and the APIs the application talks to must be reached over encrypted connections. Obfuscation and minification of the code itself are not enough to repel more sophisticated attackers. It is imperative to encrypt data in every state: in use, in transit and at rest.
Apps that ask users for sensitive data (for example bank card details or Personally Identifiable Information (PII)) must invest in reliable encryption. Such information is better not stored on the user's device at all, unless the platform offers genuinely trustworthy protected storage (such as the iOS Keychain).
File-level encryption works on a file-by-file basis and is particularly useful for protecting data at rest.
Containerization is a virtualization strategy that creates separate containers at the operating-system level; these containers can be encrypted, which makes them a viable option for storing data and documents securely.
Data federation is a decentralized storage approach that spreads critical resources across numerous servers and presents them through a database that holds only metadata about the remote data; because no single store holds everything, it is sometimes used as a security measure.
VPNs and TLS (still widely referred to as SSL) add extra security by encrypting connections. On certificates: it is essential to use a proper, well-maintained TLS library and to validate the server's certificate chain and hostname correctly, especially in mobile applications, where users frequently connect over insecure Wi-Fi. Most users know nothing about HTTPS. Regardless of that ignorance, you must implement this indispensable mechanism yourself; otherwise those same users may end up filing a lawsuit against your company. Leaving the enforcement of this measure to users' discretion is never a good idea.
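An added example (Python's standard `ssl` module, not code from the original post) of the setting that goes wrong most often in practice: a client context with verification switched off, placed beside a hardened one, plus a small audit function that flags the weak settings. Only the audit runs offline; `fetch_tls_version` is a usage illustration that needs network access. The minimum protocol version and the finding strings are assumptions made for the example.

```python
import socket
import ssl
from typing import List, Optional


def insecure_context() -> ssl.SSLContext:
    """WEAK: the "make the certificate error go away" configuration.

    Any attacker on the same Wi-Fi can present their own certificate and the
    client will happily talk to them.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Verify the chain against trusted roots, check the hostname, refuse legacy TLS.

    cafile=None uses the platform trust store; pass your own bundle (or a
    pinned CA) to narrow what the app will trust.
    """
    ctx = ssl.create_default_context(cafile=cafile)   # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2       # assumption: TLS 1.2 floor
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return a list of weak settings found on a client context (empty means OK)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate verification disabled")
    if not ctx.check_hostname:
        findings.append("hostname check disabled")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("legacy TLS versions allowed")
    return findings


def fetch_tls_version(host: str, port: int = 443, ctx: Optional[ssl.SSLContext] = None) -> str:
    """Usage illustration (needs network): open a verified connection and report the protocol."""
    ctx = ctx or hardened_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        # server_hostname drives both SNI and the hostname check.
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.version() or "unknown"


if __name__ == "__main__":
    print("insecure:", audit_context(insecure_context()))
    print("hardened:", audit_context(hardened_context()))
```

Run the audit over every context your code constructs (a grep for `CERT_NONE`, `check_hostname = False` or `verify=False` in the code base catches most of them) and treat a non-empty result as a build failure rather than a warning.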
Key management is just as essential: the strongest algorithm is useless if the keys and certificates are exposed to attackers.
3. Where is the customer data stored?
This question asks where the data physically resides. It matters because the jurisdiction determines what rights customers have regarding data protection and privacy.
As an illustration, compare breach notification rules in the U.S. and the EU. In the United States, notification is governed state by state, and at the time of writing only eight states set a firm deadline for disclosing a breach (15 to 90 days). That is one reason, among others, why some notorious large breaches (Equifax, Yahoo and Target, to name a few) went unreported for longer than usual. The EU General Data Protection Regulation (GDPR), which applies from 25 May 2018, requires an affected company to notify the supervisory authority within 72 hours of discovering a breach, and the affected individuals without undue delay when the breach poses a high risk to them.
4. Do you apply database and application segregation of customer data?
First, customer data should be kept separate from other data. Second, you should be able to retrieve the data of one specific customer without touching any other customer's data. For these reasons, many companies arrange their data in silos that logically segment customer data. The cloud, for example, is like a bank vault: one vast facility, but with a myriad of safe-deposit boxes structurally separate from one another.
Office 365: Microsoft enterprise cloud servers are physically and/or logically separate from the servers for its consumer online services. Enterprise customer data, data in Microsoft consumer online services, and data created by or resulting from Microsoft scanning, indexing, or data-mining activities, are not commingled unless approved by the customer in advance.
This separation should be designed in from the earliest stages of product or service design. Having separate environments will most likely shape the backup strategy as well.
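For applications that share one database across customers, the logical segmentation above comes down to a rule: every query is scoped by the tenant taken from the authenticated session, never from the request. The following added example (Python with an in-memory SQLite table; not code from the original post) shows an unscoped lookup that leaks another customer's record beside a repository that makes the tenant scope impossible to forget. The schema, rows and tenant names are constructed for the example.

```python
import sqlite3
from typing import List, Optional, Tuple

Row = Tuple[int, str, str]   # (id, tenant_id, title)


def make_db() -> sqlite3.Connection:
    """Constructed sample data: documents belonging to two tenants in one table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE documents ("
        "  id INTEGER PRIMARY KEY,"
        "  tenant_id TEXT NOT NULL,"
        "  title TEXT NOT NULL)"
    )
    conn.execute("CREATE INDEX documents_tenant ON documents (tenant_id)")
    conn.executemany(
        "INSERT INTO documents (tenant_id, title) VALUES (?, ?)",
        [("acme", "Q3 forecast"), ("acme", "Payroll"), ("globex", "Merger memo")],
    )
    return conn


def get_document_unscoped(conn: sqlite3.Connection, doc_id: int) -> Optional[Row]:
    # Looks up by id only: whoever knows or guesses an id gets any tenant's row.
    return conn.execute(
        "SELECT id, tenant_id, title FROM documents WHERE id = ?", (doc_id,)
    ).fetchone()


class TenantRepository:
    """Data access object bound to one tenant for its whole lifetime.

    The tenant id is fixed when the object is created from the authenticated
    session, and every SQL statement includes it, so a handler cannot reach
    another customer's rows even with a valid id.
    """

    def __init__(self, conn: sqlite3.Connection, tenant_id: str) -> None:
        self._conn = conn
        self._tenant_id = tenant_id

    def get(self, doc_id: int) -> Optional[Row]:
        return self._conn.execute(
            "SELECT id, tenant_id, title FROM documents WHERE id = ? AND tenant_id = ?",
            (doc_id, self._tenant_id),
        ).fetchone()

    def list(self) -> List[Row]:
        return self._conn.execute(
            "SELECT id, tenant_id, title FROM documents WHERE tenant_id = ? ORDER BY id",
            (self._tenant_id,),
        ).fetchall()

    def add(self, title: str) -> int:
        cur = self._conn.execute(
            "INSERT INTO documents (tenant_id, title) VALUES (?, ?)",
            (self._tenant_id, title),
        )
        return cur.lastrowid

    def delete(self, doc_id: int) -> int:
        """Returns the number of rows removed: 0 if the id belongs to another tenant."""
        cur = self._conn.execute(
            "DELETE FROM documents WHERE id = ? AND tenant_id = ?",
            (doc_id, self._tenant_id),
        )
        return cur.rowcount


if __name__ == "__main__":
    conn = make_db()
    acme = TenantRepository(conn, "acme")
    print(get_document_unscoped(conn, 3))   # (3, 'globex', 'Merger memo') leaks
    print(acme.get(3))                      # None
    print(acme.list())
```

A test that tries every repository method with another tenant's ids, as in the assertions for this block, is the cheapest regression guard for this class of bug; at larger scale the same rule can be enforced in the database itself (row-level security policies, or one schema or database per tenant, as the Office 365 note above describes for Microsoft's own services).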
5. What are the backup plan and failover capabilities?
As with encryption, developers have no excuse for leaving out backup and recovery features.
Failover is a procedure that makes an app or service more fault-tolerant. As a backup operational mode, it automatically switches between two system components, primary and secondary: when the primary is unavailable (because of a failure or scheduled downtime), the secondary takes over its functions.
Failover is part of the business continuity plan, and the switch should be as seamless as possible for end users. Note that duplicating production services incurs extra costs and additional management overhead.
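The switch described above, as an added client-side example that is not part of the original post: a caller that prefers the primary, falls over to the secondary when the primary fails, stops hammering the failed primary for a cooldown period, and fails back once the primary answers again. The backends are stand-ins constructed for the example, and the cooldown length and the controllable clock are assumptions.

```python
import time
from typing import Any, Callable, List, Optional


class FakeClock:
    """Controllable clock for demonstrating the cooldown; production code uses time.monotonic."""

    def __init__(self, start: float = 0.0) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now


class FakeBackend:
    """Stand-in for a real service call (constructed for the example); toggle .healthy to simulate outages."""

    def __init__(self, name: str, healthy: bool = True) -> None:
        self.name = name
        self.healthy = healthy
        self.calls = 0

    def __call__(self, request: str) -> str:
        self.calls += 1
        if not self.healthy:
            raise ConnectionError(f"{self.name} unavailable")
        return f"{self.name}:{request}"


class FailoverClient:
    """Route requests to the primary, fail over to the secondary, fail back after a cooldown."""

    def __init__(
        self,
        primary: Callable[[Any], Any],
        secondary: Callable[[Any], Any],
        clock: Callable[[], float] = time.monotonic,
        retry_after: float = 30.0,   # assumption: retry the primary after 30 s
    ) -> None:
        self.primary = primary
        self.secondary = secondary
        self._clock = clock
        self._retry_after = retry_after
        self._primary_failed_at: Optional[float] = None

    def _prefer_primary(self) -> bool:
        if self._primary_failed_at is None:
            return True
        # During the cooldown the secondary is tried first so users are not
        # made to wait for a primary that is known to be down.
        return self._clock() - self._primary_failed_at >= self._retry_after

    def active(self) -> str:
        return "primary" if self._prefer_primary() else "secondary"

    def call(self, request: Any) -> Any:
        if self._prefer_primary():
            order = [self.primary, self.secondary]
        else:
            order = [self.secondary, self.primary]   # primary stays as last resort
        errors: List[Exception] = []
        for backend in order:
            try:
                result = backend(request)
            except Exception as exc:   # a real client would narrow this to transport errors
                if backend is self.primary:
                    self._primary_failed_at = self._clock()
                errors.append(exc)
                continue
            if backend is self.primary:
                self._primary_failed_at = None   # primary is back: fail back
            return result
        raise RuntimeError("all backends failed: " + "; ".join(str(e) for e in errors))


if __name__ == "__main__":
    clock = FakeClock()
    primary, secondary = FakeBackend("primary"), FakeBackend("secondary")
    client = FailoverClient(primary, secondary, clock=clock)
    print(client.call("ping"))       # primary:ping
    primary.healthy = False
    print(client.call("ping"))       # secondary:ping
    primary.healthy = True
    clock.now += 30
    print(client.call("ping"))       # primary:ping again
```

Two things the example deliberately makes visible: a request that fails over is retried on the other side, so the operations behind it must be idempotent, and the "all backends failed" path must be handled by the caller, because failover only reduces the chance of an outage rather than removing it.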
*** This is a Security Bloggers Network syndicated blog from Cipher Cyber Security Blog authored by Cipher. Read the original post at: http://blog.cipher.com/5-data-security-questions-for-developers