EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Samples - which ones do you need?

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#32869
Posted: 03/31/2015 13:07:51
by Darian Miller (Standard support level)
Joined: 06/27/2011
Posts: 48

Samples for "best practice" management in the middle tier application services layer using your tools.

Aspects could include...

Secure password storage in file system, registry or database

Periodic recycling of symmetric keys

Securely protecting passwords while in memory (CryptProtectMemory likely candidate for Windows)

Separation of duties in managing the keys (Dev having access to source but not keys, while System Admins having access to keys but not source but source/keys both needed to access secure data.)

MFA for key management duties (using OTP new in SBB12)


Each individual piece can be handled, but getting a fully operational secure system can be difficult.

Reply

Statistics

Topic viewed 37383 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!