“You need to assume that parts of your infrastructure are
compromised, and then respond to that by making sure
that even if the first or second layer is compromised, your
data is still not accessible.”
Data security is a challenge for developers because three types of data protection must take place, and they are handled in different ways. One involves protecting data in process—that is, data that an application is actively using. This problem can be serious because a fairly simple tool can monitor what is happening inside an application, and in a complex environment, any device or endpoint could be compromised.
You must also protect data in transit—that is, data moving between your application and whatever infrastructure is behind it. Finally, you must protect data at rest—that is, data stored outside the application (e.g., in a data center or database). Data protection is further complicated by regulatory requirements, such as the General Data Protection Regulation, which have specific rules about how you protect data and the controls data owners must have over their data.
The first step to improving security is to accept the fact that your environment will be compromised—your network, the server or data center, or the cloud service in which you operate. How do you ensure that your data is safe when you assume from the beginning that the environment is compromised? The answer is to encrypt everything. Many apps do not have their in-process data model encrypted. You need to assume that parts of your infrastructure are compromised, and then respond to that by making sure that even if the first or second layer is compromised, your data is still not accessible.
Another critical step is application programming interface (API) authentication. This step is important because spoofing an API has become easy. Complete toolkits are available for download, so malicious hackers do not even have to understand how the API works. It’s quite simple to set up a spoof API service. An API responding to your request doesn’t automatically mean that it is the API you want to talk to. Before any interchange with an API, verify that it is the API you actually want to talk to.
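One way to put that verification into practice, as an added example that is not from the article: the client and the API authenticate each other's messages with a pre-shared HMAC key (an assumption here; TLS with certificate validation is the usual transport-level counterpart), so a spoofed API cannot produce a valid reply to the client's nonce, and a replayed or tampered request is rejected by the server.

```python
# Assumes each client/API pair already shares a secret key (key distribution is out of scope).
import hashlib
import hmac
import secrets
import time

MAX_SKEW = 300  # seconds: reject requests whose timestamp is too old or too far ahead


def _mac(key, *parts):
    # Length-prefix every field so that concatenating them is unambiguous.
    msg = b"".join(f"{len(p)}:{p}".encode() for p in parts)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_request(key, method, path, body, now=None):
    """Client: tag the request with a fresh nonce, a timestamp and a MAC over all of it."""
    nonce = secrets.token_hex(16)
    ts = str(int(time.time() if now is None else now))
    return {"X-Nonce": nonce, "X-Timestamp": ts,
            "X-Signature": _mac(key, method, path, body, nonce, ts)}


def verify_request(key, method, path, body, headers, seen_nonces, now=None):
    """Server: check freshness and replay, then the MAC in constant time."""
    try:
        nonce, ts, sig = headers["X-Nonce"], headers["X-Timestamp"], headers["X-Signature"]
        skew = abs((time.time() if now is None else now) - int(ts))
    except (KeyError, ValueError):
        return False
    if skew > MAX_SKEW or nonce in seen_nonces:
        return False
    if not hmac.compare_digest(_mac(key, method, path, body, nonce, ts), sig):
        return False
    seen_nonces.add(nonce)  # remember the nonce only after it verified
    return True


def sign_response(key, nonce, status, body):
    """Server: bind the reply to the request nonce so only the keyed API can answer it."""
    return _mac(key, "response", nonce, str(status), body)


def verify_response(key, nonce, status, body, sig):
    """Client: a reply without a valid MAC over our nonce did not come from our API."""
    return hmac.compare_digest(sign_response(key, nonce, status, body), sig)
```

The server must keep `seen_nonces` for at least `MAX_SKEW` seconds, otherwise a request could be replayed after its nonce is forgotten but before its timestamp expires.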