Cybersecurity is no longer about installing a piece of software on your device and never going back to it. In recent years, DevOps and cybersecurity have joined forces to create a term called DevSecOps. This entails building security as a culture with constant collaboration between security teams and developers. And now this is more important than ever.
On August 23, 2021 it was announced that misconfigured Microsoft Power Apps led to more than a thousand web apps accessible to anyone that found them. According to a WIRED article, “More than a thousand web apps mistakenly exposed 38 million records on the open internet, including data from a number of Covid-19 contact tracing platforms, vaccination sign-ups, job application portals, and employee databases. The data included a range of sensitive information, from people’s phone numbers and home addresses to social security numbers and Covid-19 vaccination status.”
With more and more data breaches happening, cybersecurity departments are turning towards their developer counterparts to help configure secure connections. One way developers are doing this is through investing in native solutions. Native solutions are those that do not move data outside the platform and security is the same as the underlying platform. Without an API connection into the platform, data is not exposed to cloud bucket misconfigurations.
Flosum takes security very seriously. We are the only true native DevOps platform, built on the Salesforce platform….not bolted on. Our underlying security protocols are those of Salesforce and we never pull data outside of the Salesforce firewall in order to manipulate it. Everything you do in the Flosum platform, stays inside the Salesforce firewall.
‘Secure default settings matter,’ says Kenn White, Director of the Open Crypto Audit Project. Flosum and Salesforce work hard together to make sure our customers know it and our technology proves it, every day.