The following articles were authored by The Axway Blog Team
Adopt a “shrinking” security model based on micro-perimeters, pt. 3

The widespread use of mobile application stores creates opportunities for malware to be downloaded freely and spread quickly. On top of that, a mobile device in the wrong hands can be exploited at the hardware, firmware, operating system and application levels.

The key is to minimize persistence of confidential data on the device by adopting an architecture in which data is “on tap” from APIs. By controlling the access from the device to the data, no sensitive data remains on a lost or stolen device.

Learn more here.

 

Adopt a “shrinking” security model based on micro-perimeters, pt. 2

Cloud and mobile have spawned a new breed of applications that use lightweight APIs to enable integration and cross-modal user access. As the common access point to applications, APIs should be protected by a micro-perimeter that provides three levels of security:

  • Interface security to block attacks such as SQL injection and cross-site scripting
  • Access control to ensure that only the right users, devices and applications are allowed to access the APIs, along with integration to enterprise identity and access management (IAM) platforms
  • Data security to monitor and redact data passing through the API, including header, message body, and any attachment

Just as with application security, you don’t need to reinvent the wheel when installing a micro-perimeter around your APIs. Consider products such as API gateways that offer comprehensive API protection in all three areas.

Learn more here.