как усилить свою безопасность

  1. усиление своей безопасности

Posted on May 25, 2023 3:04 AM

Reply
2 replies

May 25, 2023 7:30 AM in response to Anything777

Anything777 wrote:

усиление своей безопасности


Since this can be an app development question based on where it was posted (in a community commonly intended for third-party app developers working with Apple platforms), start with the recognition that app and data security is a large and complex and often subtle area.


I’d start by evaluating your data, and the needed security. How you need to protect and secure that data, what sort of data encryption is needed if any, and—probably most importantly—whether the data itself even needs to be kept. Data you don’t have can’t leak. This data security evaluation necessarily includes data at rest in your app and in iCloud and on your servers, as well as data being transferred. For data in motion, Mozilla has suggestions.


Passwords are something you should avoid storing. In most cases—outside of a password manager—you should always hash passwords, using a cryptographically-secure password hash. A hash means a compromise of your data won’t expose cleartext passwords, and getting from a hash to a cleartext is exceedingly compute-intensive. You should also plan for the need to replace your chosen hash. This can potentially mean wrapping a weaker hash in a stronger hash, as part of a hash security upgrade. OWASP has suggestions here. For password authentication (including not rotating passwords, and not forcing character selection), NIST has suggestions.


Consider what will happen to you and your organization, and particularly to your users, should the data you are collecting and storing be exposed. As people in certain countries and regions are well aware, exposure of certain data can put those users at risk of death.


And a general suggestion: do not invent your own cryptography. Far too often, that ends badly.


For an overview of what can be expected of users as part of establishing and maintaining their own security, Apple has some suggestions.

как усилить свою безопасность

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.