Creating a secure application requires many safeguards, but by far the most important are those that secure the data in the application. These are also the most difficult to implement.
When it comes to securing application data, there are two distinct types of data that must be secured:
- Data at rest. This is data that is stored in a datastore, database, cache, file system, or other repository. It includes everything from the application’s database, to log files, to system configuration files, to backups and archives.
- Data in motion. This is data that is being actively accessed and used by the application. It could be data that is being transferred from one part of the application to another, such as between client and server, or between two different applications or services.
A simple example of data at rest is your user profile in a SaaS application. This profile might include your username, password, profile picture, email address, physical address, and other contact information. It might also include information about how you are using the application. In a more local setting, data at rest includes all of the files stored on your computer—your spreadsheets, Word documents, presentations, photos, videos, everything.