Changes

Jump to navigation Jump to search
Line 11: Line 11:  
* Carefully control and manage privileges assigned to users and administrators. Provide a reasonable (but minimal) level of system privileges and rights needed for their role.
 
* Carefully control and manage privileges assigned to users and administrators. Provide a reasonable (but minimal) level of system privileges and rights needed for their role.
 
* Use strong authentication mechanisms (for example, multi-factor authentication) where possible to protect from unauthorized access.
 
* Use strong authentication mechanisms (for example, multi-factor authentication) where possible to protect from unauthorized access.
* Design web services so that they are protected from common security vulnerabilities such as SQL injection and others described in widely-used publications such as the Open Web Application Security * Project (OWASP) Top 10.
+
* Design web services so that they are protected from common security vulnerabilities such as SQL injection and others described in widely-used publications such as the [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project Open Web Application Security * Project (OWASP) Top 10].
   −
For more information on best practices, refer to Communications Security Establishment’s (CSE’s) IT security advice and guidance.
+
For more information on best practices, refer to [https://www.cse-cst.gc.ca/en/group-groupe/its-advice-and-guidance Communications Security Establishment’s (CSE’s) IT security advice and guidance].
 
<br><br>
 
<br><br>
 
'''Additional Guidance:''' [https://www.us-cert.gov/ncas/tips/ST18-006 Website Security | US-CERT]
 
'''Additional Guidance:''' [https://www.us-cert.gov/ncas/tips/ST18-006 Website Security | US-CERT]
263

edits

Navigation menu

GCwiki