Systems | Development | Analytics | API | Testing

In our last Kong and Okta tutorial, we will implement a basic access control policy based on Okta’s groups and planes. This series will show you how to implement service authentication and authorization for Kong Konnect and Okta using the OpenID Connect (OIDC) plugin.

The Healthcare Insurance Portability and Accountability Act (HIPAA) has been an important federal law in healthcare since 1996. Part of its purpose was to create standards meant to protect sensitive patient information, and it took on even more important once the digitalization of patient health records became widespread. Now it’s required for certain types of businesses to protect patient health information—or face fines that range from $100 to $50,000 per violation.

In the age of surgical robots, smart refrigerators, self-driving vehicles and unmanned aerial vehicles, connectivity undoubtedly is a foundational block for our modern world. Connectivity not only enables easy access to resources, but it also opens up opportunities to drive innovation by connecting isolated systems. Connectivity drives digital transformation.

Organizations have access to massive amounts of data, but they don’t always give enough thought to how they’re going to keep it private and protected. Dozens of data privacy regulations are in effect or in development globally, and the average consumer is learning more about how much of their data gets collected and used by businesses. For this reason, companies need to focus on keeping data safe while it's under their control, but it’s easy to make mistakes.

Authentication is at the heart of most web development, yet it is difficult to get right. In this article, Diogo Souza discusses common security problems with authentication systems and how you can resolve them. Even if you never build an authentication system from scratch (you shouldn't), understanding these security concerns will help you make sure whatever authentication system you use is doing its job.

Data security is an ongoing concern for anyone managing a data warehouse. Organizations need to control access to data, down to the granular level, for secure access to data both internally and externally. With the complexity of data platforms increasing day by day, it's become even more critical to identify and monitor access to sensitive data.

Wherever your business operates, you may have to follow the GDPR or face massive fines. It’s an epic legal document but much of it boils down to some key principles. The best approach is to store and manage your data in a way that makes GDPR-compliance straightforward. Here’s what you need to know.

Picking the right business intelligence (BI) tool is essential to helping you beat your competitors, better serve your customers, and make smarter data-driven decisions. However, there's no one-size-fits-all tool for every enterprise. Not all BI users are created equal, and not all users should have the same level of access to sensitive and confidential data.

As developers, we know the pitfalls of the internet – the gateways that malicious actors can exploit to steal private data, siphon money and generally wreak havoc. But if we’re going to build watertight applications, it’s essential that we keep updating our knowledge base and prepare for every possible assault. In this post, we’re going to discuss five particularly common forms of attack.

Personally identifiable information (PII) is some of the most valuable data that organizations can have. It's also some of the most dangerous if you don't follow data security best practices. If you don't treat this data with care, you could end up in the headlines as the victim of the latest data breach, costing you money and damaging your reputation. Of course, you should never leave PII data unprotected. So what is the best way to protect the confidential and sensitive PII that you handle?