Keep Your Data Safe
Learning Objectives
After completing this unit, you’ll be able to:
- Secure your data.
- Manage OAuth tokens and credentials.
- Create secure API integrations.
Avoid Common Security Risks
No matter how you choose to integrate your apps or external systems with Marketing Cloud Engagement, there are some guidelines you should follow to keep your data safe. The best practices we cover in this unit help you avoid common security risks like cross-site scripting, sensitive data exposure, HTML injection, and others. Let’s take a closer look at these potential threats.
Cross-Site Request Forgery
This practice tricks an authenticated user into performing an unwanted action on a vulnerable server.
HTML Injection
This attack puts HTML on a vulnerable website, such as an iframe that displays a different page than intended.
Cross-Site Scripting
An attacker uses Javascript on a vulnerable domain and gets a user to click on a malicious link. The browser executes the Javascript and, well, bad things happen.
Arbitrary Redirects
This attack involves a user clicking on what appears to be a typical server URL, but the link sends them to a malicious site.
Remote Code Execution
This attack finds vulnerabilities in target servers and executes input data.
Good news: even though these are some pretty scary security threats, there are things you can do to protect your data. Let’s review some data security best practices.
Data Security Best Practices
Limit Permissions
Whenever you create OAuth access tokens, make sure they are valid only for the necessary tasks. After all, if your neighbor needed something out of your garage, would you give them keys to the entire house? In other words, assign only the necessary permissions to the tokens and the installed package.
Secure Your Tokens
When you store your token values, keep only the refresh token on your external server. Request a new access token when you need one, and only store that value in memory. These tokens need to receive the same security and priority as Salesforce account credentials.
Use Up-to-Date TLS
Make sure your external web servers use an up-to-date TLS configuration, and enforce TLS in your requests to Marketing Cloud Engagement APIs. Your access token should only appear in the authorization header.
Review Error Messages
Of course, your error messages should be a little more descriptive than ERROR: #12345. But don’t give away everything in the error message either. Make sure that you don’t include stack traces and debug logs in your error message to prevent attackers from using that information against you.
Create Secure Sessions
Make sure your sessions use secure procedures to create, manage, and end work for authorized users. Rotate session IDs to make sure attackers can’t keep and maintain those values for access. Make sure your integration also verifies user session and permission levels before granting access to restricted data or functions. Keep your functions on a need-to-know basis. And use tenant-specific endpoints whenever available to ensure your requests use the most secure connections possible.
Store Sensitive Info Properly
Store all sensitive information on your own system using your platform’s secure storage best practices. Why store sensitive information—such as passwords, credit card numbers, and Social Security numbers—securely on your own system? Because that information should never be stored on Marketing Cloud Engagement servers!
Patch All Important Software and Hardware
Avoid remote code execution problems by patching vulnerabilities on services listening on web server ports, updating software packages, and executing deserialized user data cautiously.
Feeling more secure now? Security is an ongoing concern, and you should regularly reevaluate your security needs. This information gives you a strong foundation for your efforts, though. Nice work!
