This employer is no longer accepting CVs for this job, it has been deactivated by the company\'s administrator.
Posted Jul 12, 2017 4 views
- Encryption for Data in transit depends on SSL (Secure Socket Layer) which insures that there is a secure connection between a client and our server through the checking of a certificate. This ensures that the connection over the public internet is secure.
- Encryption on S3 for attachments only done using by:
- When we are sending the data to server, the server decrypt (using a key) from base64 code to our S3 bucket folder address
- When we are getting the data from server , the server encrypt (using same key) it first from S3 bucket folder address to base64 & then send data to front-end
Application level encryption is required as well as defend against other common forms of attack (think XSS or noSQL injection) because:
- Given MongoDB's flexible schema, data-at-rest encryption is a conceptually straightforward change: replace plaintext data in a document with encrypted data.
- Why application-level encryption?
- Encryption at the application level is independent of the server and network stack. The application layer is in complete control. Keys are always in the application layer, and separate from the data layer. Plaintext information is never stored or transmitted. No part of the data layer can reveal the plaintext values to potential attackers.
- Backups and disaster recovery are just as easy with application-level encryption – all current backup mechanisms will work. No matter how verbose the logs, they only contain encrypted data.
- By comparison, drive encryption decrypts data after reading from disk. mongodump exports contain unencrypted information. Logs contain plaintext values. Backups and log systems must implement their own encryption to maintain system integrity. With software drive encryption, the key must be accessible to make the drive usable. Usually, the key is in RAM, creating an issue loading the key onto the system in an unattended reboot. Handling of such issues complicates the overall picture and introduces potential leaks.
Job Details
Industry:
Functional Area:
Total Positions:
1 Post
Job Shift:
First Shift (Day)
Job Type:
Gender:
No Preference
Minimum Education:
Bachelors
Career Level:
Experienced Professional
Minimum Experience:
4 Years
Apply Before:
Jul 15, 2017
Posting Date:
Jul 12, 2017
Early Stage Studios
Information Technology · 1-10 employees - Karachi
Erly Stage Studios
What is your Competitive Advantage?
Get quick competitive analysis and professional insights about yourself
Talk to our expert team of counsellors to improve your CV!
Similar Job Titles
I found a job on Rozee!
Ayesha Shaukat
Social Media Marketing Manager
Ivoke
Zohaib Ali
Marketing Manager
Digital Online Devices
Sehrish Azhar
Motivational Speaker & Blogger
Living Upbeat
Mona Sharif
Senior Team Lead
Konext PVT. LTD
Aqib Irshad
Head of HR, Training & OD
FINCA
Zubair Anjum
Business Excellence Specialist
Nestle Pakistan
Ali Aziz
CEO
Shopistan
Muzammil Baig
Digital Marketing Manager
IT Services Group
Babar Ahmed Khan
Territory Sales Manager
Engro Foods
Usman Habib
Recruitment & Training Executive
ACS Synergy (Pvt) Ltd.
