Creating a secure application requires many safeguards, but by far the most important are those that secure the data in the application. These are also the most difficult to implement.
When it comes to securing application data, there are two distinct types of data that must be secured:
- Data at rest. This is data that is stored in a datastore, database, cache, file system, or other repository. It includes everything from the application’s database, to log files, to system configuration files, to backups and archives.