Creating Secure Social Applications
0 likes250 views
The document discusses the importance of internet and data security in social media app development, emphasizing the need for practices such as code reviews, password security, and user education. It highlights the lack of privacy policies in popular mobile apps and the security vulnerabilities present within social platforms. Through case studies, it outlines lessons learned regarding security management, user data protection, and the importance of diverse passwords.
Creating Secure Social Applications
- 1. Crea%ng Secure Apps for Social Media Tyler Browning Director – Agency Development at BlueModus – A Technology Agency
- 2. What does Internet security mean?
- 3. Security for social media is… Data Security – Man, this is it’s own topic. Understanding poten%al data exposure Firewalls Privacy Password Security Risk Assessment Code Review Thinking like a hacker
- 4. Say yes to social apps. Say yes to security and incorporate the following into your development. Applica%on Risk Test Cases Requirements Assessment Security & Code Review development Firewall!!! placed together
- 5. Oh, data, your crazy. Securing a Database Securing User’s Data Password Security Securing your What data do Educate the user server. you have on the on password Protect the data. user? security. Protect the How is data Understand how system. being managed? secure the user Who has access is with their Perimeter data. firewall. to the user ID and other user Internal firewall. data?
- 6. Thinking like a hacker. Where are the Understand the Educa%ng the vulnerabili%es in data. user. the applica%on? Making the case How sensi%ve is for complex + SQL injec%on? the data? unique passwords. What can a Rainbow Table? Pos%ng sensi%ve criminal do with data. the data?
- 7. Why NOT to eff with the privacy policy. "Without a privacy policy to review, consumers Andy Hatch may not have the ability to understand and control the use of their personal data by the Apps,” – MediaPost News Nearly three-‐quarters of the most popular mobile apps lack even a basic privacy policy, according to a new survey by the Future of Privacy Forum.
- 9. "It would appear that security experts are not expertly secured," Anonymous wrote. hZp://bit.ly/iUU0TS
- 10. Lessons from the HB Gary Case Study • If you are not managing the security, know the firm or person and understand their security practices. • Security assumptions are very dangerous. • Diverse passwords! • Know your vulnerabilities and understand what will happen if your system is breached. • Plan for a system breach.
- 11. "...this is a scary privacy issue. I can find the name of pretty much every person on Facebook...Once I have the name and URL of a user, I can view, by default, their picture, friends, information about them, and some other details….. hZp://bit.ly/m8pKvI hZp://bit.ly/kDnMIC
- 12. Lessons from the Facebook Case Study • Understand the security practice around social platforms like Facebook. • Privacy Policy! • What data is open, closed and how could un- authorized folks access a users information. • User ID’s are important to secure on some level. • Security around available API’s.
- 13. Thank you for the opportunity. Tyler Browning @tylerbrowning tbrowning@bluemodus.com hZp://www.linkedin.com/in/tylerbrowning