Employees today are more mobile than ever. As we saw, due to COVID-19 the majority of organizations moved their employees to a work from home model overnight. This quick change of location forced businesses to implement solutions that would provide their workforces secure remote access to an increasingly complex corporate network.
In Part 1 and Part 2 of this blog post series, Snowflake Service Account Security, discussed service accounts threats and how to mitigate those threats with Snowflake features. Part 3 demonstrates how to manage credential rotation with a sample Hashicorp Vault plugin. You can use many platforms to achieve similar results. The important thing is to understand the patterns used to apply these controls to protect your service accounts.
As more and more data is exposed via APIs either as API-first companies or for the explosion of single page apps/JAMStack, API security can no longer be an afterthought. The hard part about APIs is that it provides direct access to large amounts of data while bypassing browser precautions. Instead of worrying about SQL injection and XSS issues, you should be concerned about the bad actor who was able to paginate through all your customer records and their data.
Wire encryption protects data in motion, and Transport Layer Security (TLS) is the most widely used security protocol for wire encryption. TLS provides authentication, privacy and data integrity between applications communicating over a network by encrypting the packets transmitted between endpoints. Users interact with Hadoop clusters via browser or command line tools, while applications use REST APIs or Thrift.
Today, we’re excited to announce Data On-Prem for development teams that operate in data-sensitive environments. This new feature truly lets you have the best of both worlds, by enabling large enterprises to leverage Rookout as a SaaS offering, while also meeting the rigorous governance and control requirements that these companies often face.
As important as adding new features, app developers need to start placing more emphasis on the security aspect of the applications they design. After all, more app features mean more data residing within an app. Without proper security controls in place, that data can be vulnerable to intruders.