July 12, 2021 at 2:54 pm #2141012
A new way to secure the app?
by bryanvieta · about 3 years, 6 months ago
Tags: Security
Currently, I’m working on a web app for the finance company that runs on just LAN. My client wants me to be innovative when it comes to web security. I have developed the app with node.js and react.js.
I have already used Bcrypt to hash passwords. My client wants something more to enhance security. I have no idea what to answer him. I will be grateful if you could just share something on this!
-
All Answers
-
July 12, 2021 at 4:33 pm #2419816
Let’s define “new.”
by rproffitt · about 3 years, 6 months ago
In reply to A new way to secure the app?
New would be concepts new to those that asked.
As to security, that’s a topic we could go on and on.
The story so far is that there is a balance of security and ease of use. Since I don’t know all the company, app and more security requirements (did they provide requirements either in PDF, documents or other hard form?) I can’t tell how far you must go.
How about this. Beyond Bcrypt, maybe two factor logins and access. That is, when someone logs in, a text or message is sent to “the big cheese.” Or to get to a deed two factor, the boss must press some ALLOW ACCESS button on each login.
Full disclosure. I know about some finance companies. Not all but in the case of those that refi they usually are fine with basic security and anything that slows down the process is never accepted without a lot of pushback.
-
July 12, 2021 at 5:51 pm #2419811
Reply
by bryanvieta · about 3 years, 6 months ago
In reply to Let’s define “new.”
As I mentioned above, this app is going to be running on a LAN (local area network).
So, I proposed that my client ask the computer networking administrator to set up a firewall on the server. Let’s see what he says. He is one **** of a tech geek, he is irritating but a great mind. It’s going to be difficult for me to convince him.
Meanwhile, I’m going to do some research on two factor logins and access. Thanks for your help!!
-
July 12, 2021 at 6:19 pm #2419810
The firewall.
by rproffitt · about 3 years, 6 months ago
In reply to Reply
I hate to write this but the security there is “not so good” as most attacks are from within and not from a direct attach from the web.
Remember I can’t guess your system. You might have SQL (MySQL for most) and that can have its own security such as only allowing access from a specific IP. Nod to old discussions such as https://stackoverflow.com/questions/13208614/restricting-mysql-connections-from-localhost-to-improve-security
Sorry for the typo above.
-
July 13, 2021 at 5:07 am #2419801
Solution
by bryanvieta · about 3 years, 6 months ago
In reply to The firewall.
I’m not using an SQL db, I’m using MongoDB, it works great with Express. I just found a few more security measures for it:
– I can make MongoDB accept incoming requests from one particular port
– I can use WiredTiger encryption at rest. With this, MongoDB will encrypt all incoming data and protect it with file-system permissions.
Along with that, my client has come up with another solution:
– We will convert sensitive information to hash into binary and then save it to the database; when a user wants that information, it will convert binary to hash and then decrypt, like this website: https://binarytotext.net I just scraped this website, there are just a few lines of code to develop a binary translator. They are using the bignumber.js JavaScript library to deal with the large incoming data and convert to binary.
I hope this will help users who are looking for the security of their app..:)
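The last idea in the post above, converting data to binary, compared with keyed encryption of a field in Node.js before it is written to the database. This is an added example, not part of the original thread; the function names, the sample value and the in-memory key are assumptions made for the illustration.

```javascript
// Added example (not from the thread). Key handling is simplified: in a real
// deployment the key comes from a secrets manager, never from the database.
const crypto = require('crypto');

// Binary "conversion" is an encoding. No key is involved, so anyone who can
// read the stored value can reverse it.
function toBinary(text) {
  return [...Buffer.from(text, 'utf8')]
    .map((b) => b.toString(2).padStart(8, '0')).join(' ');
}
function fromBinary(bits) {
  return Buffer.from(bits.split(' ').map((b) => parseInt(b, 2))).toString('utf8');
}

// AES-256-GCM: confidentiality plus integrity, both bound to a secret key.
function encryptField(plaintext, key) {
  const iv = crypto.randomBytes(12); // fresh nonce for every stored value
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv: iv.toString('base64'), ct: ct.toString('base64'),
           tag: cipher.getAuthTag().toString('base64') };
}
function decryptField(doc, key) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key,
    Buffer.from(doc.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(doc.tag, 'base64'));
  // final() throws if the key is wrong or the stored value was modified.
  return Buffer.concat([decipher.update(Buffer.from(doc.ct, 'base64')),
    decipher.final()]).toString('utf8');
}

// Constructed sample value, not real data.
const SAMPLE = 'IBAN DE00 0000 0000 0000 0000 00';
function demo() {
  const key = crypto.randomBytes(32);
  const stored = encryptField(SAMPLE, key);
  let wrongKeyRejected = false;
  try { decryptField(stored, crypto.randomBytes(32)); }
  catch (e) { wrongKeyRejected = true; }
  return {
    binaryReversedWithoutKey: fromBinary(toBinary(SAMPLE)) === SAMPLE,
    roundTrip: decryptField(stored, key) === SAMPLE,
    wrongKeyRejected,
  };
}
console.log(demo());
```

The object returned by `encryptField` can be stored as a sub-document in MongoDB; only a process holding the key can read or validly modify it.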
-
August 24, 2021 at 6:56 am #3939079
Application security best practices
by sparity · about 3 years, 4 months ago
In reply to A new way to secure the app?
1. Get an application security audit.
2. Implement proper logging.
3. Use real-time security monitoring and protection.
4. Encrypt everything.
5. Harden everything.
6. Keep servers up to date. …
7. Keep software up to date.
-
June 1, 2022 at 11:08 am #3974734
7 Web Application Security Best Practices
by Upendra Patel · about 2 years, 7 months ago
In reply to A new way to secure the app?
Security is a big issue for web development. There are many practices to follow to make your application more secure. Here’s a list of the seven most crucial web app security practices you should follow every time you develop a web application.
7 Web Application Security Best Practices
1. Carry Out A Full-Scale Security Audit
2. Ensure Your Data Is Encrypted
3. Implement Real-Time Security Monitoring
4. Follow Proper Logging Practices
5. Continuously Check For Common Web Application Vulnerabilities
6. Implement Security Hardening Measures
7. Carry Out Regular Vulnerability Scans and Updates
For More Information Check This Article: https://www.tristatetechnology.com/blog/best-security-practices-for-a-web-application/
-
June 10, 2022 at 7:14 am #3976951
Reply To: A new way to secure the app?
by ArhamSoftPvtLtd · about 2 years, 7 months ago
In reply to A new way to secure the app?
Show an app chooser.
Apply signature-based permissions.
Disallow access to your app’s content providers.
Use SSL traffic.
Add a network security configuration.
Create your own trust manager.
Use HTML message channels.
Check availability of storage volume.