Yesterday, Vormetric released their 2015 Insider Threat Report. As they point out, “In 2014, the U.S. saw some of the worst data breaches in recent memory with household names Sony, Home Depot, J.P. Morgan Chase and Supervalu experiencing massive financial and reputational blows due to cyberattacks.”
As the need for syncing and storing data on mobile devices continues to grow, addressing the security risks involved is critical. While addressing these concerns may seem daunting, not addressing them can put your customers and data at risk.
There are five key security concerns during data synchronization and decentralized storage on device:
- User Authentication
- Data Read/Write Access
- Data Transport on the Wire
- Data Storage on Device
- Data Storage in the Cloud
Couchbase Mobile resolves each of these concerns.
For User Authentication we support pluggable authentication. Out of the box we have support for popular public login providers like Facebook or you can write your own custom provider. You can also restrict access to the system to successfully authenticated users or optionally allow anonymous users.
For Data Read/Write Access there are fine-grained policy tools that allow controlling data access for individual users and roles. Read-side permissions are at the document level and write-side permissions are down to the field level.
Data Transport on the Wire, for data in motion, is over SSL.
Data Storage on Device, for data at rest on device, uses the device’s built in File System Encryption.
Data Storage in the Cloud, for data at rest in the cloud, you can configure Couchbase Server to use File System Encryption.
Couchbase Mobile allows you to easily build secure apps that work online and offline.
You can get started at developer.couchbase.com/mobile
You can also learn more in my upcoming webinar on Addressing Data Security Concerns with Couchbase Mobile.