Secure Data In Software Development

What it is?

Why do we need data security?

In this topic, we protect against,

  1. Data Leak
  2. Data loss
  3. Data inconsistency

How do we implement data security?

  1. Make the data access as hard as possible
  2. If data is stolen, then make it as hard as possible to read it.

Make the data access as hard as possible

  1. Implement full-blown authorization
  2. Employ the least-privilege principal with well defined roles and privilegess

If stolen, we should make it hard to read. In other words we should implement some kind of encryption mechanism on the sensitive data.

We have two options for that,

Use built-in DB encryption capabilities

In cloud era, most of the out of the box database services are encrypted at rest.

Self develop a mechanism

Key Management

Key stores or vaults can be used to securely store keys, certificates and more. Never ever store the keys in our code of config file. There are more popular key stores/vaults out there for us to evaluate and use.

Things to consider

  1. Decide on encryption strategy. Always try to use DB built in mechanism.
  2. Make sure there is secure key store in the organization. In any case do not initiate any encryption related work without a key store in place.

Passionate Technical Lead, Senior Software Developer and free and open source software advocate

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store