SIN 17FAILURE TO PROTECT STORED DATA
OVERVIEW OF THE SIN
Sensitive data must be protected when the data is at rest. In many cases, it’s the law! We touched on a variant of this issue in Sin 12, which dealt mostly with accidental leakage of data through application error messages and various side-channels. This chapter will look mostly at how to protect data at rest so that it cannot be accessed, accidentally or maliciously, by other than authorized parties.
Unfortunately, software designers often worry more about protecting information in transit than protecting the information while it is on disk, but the information spends more time stored on the system than it does in transit. There are a number of aspects you need to consider when storing ...
Get 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.