{"id":30646,"date":"2021-05-24T09:03:43","date_gmt":"2021-05-24T14:03:43","guid":{"rendered":"https:\/\/www.filecloud.com\/blog\/?p=30646"},"modified":"2021-12-11T09:24:39","modified_gmt":"2021-12-11T15:24:39","slug":"a-brief-history-of-backend-data-security-and-some-best-practices","status":"publish","type":"post","link":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/","title":{"rendered":"A Brief History of Backend Data Security"},"content":{"rendered":"<p><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-30670\" src=\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2021\/05\/FC-Covers-21.png\" alt=\"\" width=\"1921\" height=\"1081\">Software is not like wine and cheese, it does not get better with age, on the contrary, security strength decreases over time because of software obsolescence. Data security has always been important. But since more people are working remotely as a result of the current health crisis, there are more opportunities for unauthorized access to your data than ever before.<\/p>\n<p>Security is a group effort since the weakest link is the point of entry. According to a study conducted by IBM and The Ponemon Institute, the two root causes of data breaches in 2020 were compromised credentials (most often due to weak passwords) and cloud misconfigurations (leaving sensitive data accessible ). According to Gartner, In 2021, exposed APIs will pose large threats than UI in 90% of web-enabled applications. Organizations spend time and effort securing the information on the front end, but the attackers claw their way into the system anyway. Businesses need to set up another check on the way out of the network. In other words, if you miss a thief on the way in, you still can catch him on the way out. If the attacker accesses confidential information, it has value only if they can transfer it to their systems.<\/p>\n<p>Database security is a complex process that involves all aspects of information security technologies and practices. It\u2019s also usually at odds with database usability. The more accessible and easier it is to use the database, the more vulnerable it is; the more invulnerable the database is to threats, the more difficult it is to access and use. This paradox is called <a href=\"https:\/\/en.wikipedia.org\/wiki\/Anderson%27s_rule_(computer_science)\">Anderson\u2019s Rule<\/a>.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_63 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Cyber_Security_evolution_Over_the_Years\" title=\"Cyber Security evolution Over the Years\">Cyber Security evolution Over the Years<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#1940s\" title=\"1940\u2019s\">1940\u2019s<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#1950s\" title=\"1950\u2019s\">1950\u2019s<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#1960s\" title=\"1960\u2019s\">1960\u2019s<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#1970s\" title=\"1970\u2019s\">1970\u2019s<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#1980s\" title=\"1980\u2019s\">1980\u2019s<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#1990s\" title=\"1990\u2019s. \">1990\u2019s. <\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#2000s\" title=\"2000\u2019s\">2000\u2019s<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#2010s\" title=\"2010\u2019s\">2010\u2019s<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#How_the_Backend_Looks_Like\" title=\"How the Backend Looks Like\">How the Backend Looks Like<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Common_Threats_to_Data_Security\" title=\"Common Threats to Data Security\">Common Threats to Data Security<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Some_Basic_Security_Practices_to_Cover_all_the_Bases\" title=\"Some Basic Security Practices to Cover all the Bases\">Some Basic Security Practices to Cover all the Bases<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Separate_Web_server_and_Databases\" title=\"Separate Web server and Databases\">Separate Web server and Databases<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Firewalls_and_Malware_Solutions\" title=\"Firewalls and Malware Solutions\">Firewalls and Malware Solutions<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Encryption_and_Backups\" title=\"Encryption and Backups\">Encryption and Backups<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Account_Management\" title=\"Account Management\">Account Management<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Updated_Operating_Systems_and_Applications\" title=\"Updated Operating Systems and Applications\">Updated Operating Systems and Applications<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#Conclusion\" title=\"Conclusion\">Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Cyber_Security_evolution_Over_the_Years\"><\/span><strong>Cyber Security evolution Over the Years<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Let us take a look at how data security evolved over the decades. There are a few good stories in there you will enjoy reading.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1940s\"><\/span><strong><em>1940\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Access to the giant electronic machines was limited to a small group of people and they weren\u2019t networked. Only a few people knew how to work them so there was no imminent threat. The theory regarding computer viruses was first known in 1949 when computer pioneer John Von Neumann said that computer programs could reproduce<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1950s\"><\/span><strong><em>1950\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The roots of hacking are as much related to telephones as they are to computers. In the late 1950s, \u2018phone phreaking\u2019 was predominant. The term encapsulates several methods that \u2018phreaks\u2019 (people with an interest in the workings of telephones) used to override the protocols that allowed telecom engineers to work on the network remotely to make free calls.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1960s\"><\/span><strong><em>1960\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Most computers in the early 1960s were still huge mainframes, put away in secure temperature-controlled rooms. These were very costly, so accessibility \u2013 even to admins \u2013 was limited. Back then, the attacks had no commercial or geopolitical purposes. Most <a href=\"https:\/\/en.wikipedia.org\/wiki\/Hacker\">hackers<\/a> were curious people or someone who wanted to improve existing systems.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1970s\"><\/span><strong><em>1970\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Cybersecurity actually began in 1972 with a project on ARPANET (The Advanced Research Projects Agency Network), a prequel to the internet. Researcher Bob Thomas came up with a computer program called \u201cCreeper\u201d that could travel within ARPANET\u2019s network, leaving breadcrumbs wherever it went. The breadcrumb left a message saying: \u2018I\u2019m the creeper, catch me if you can\u2019. Ray Tomlinson (the inventor of email ) wrote another program called Reaper. It chased and deleted Creeper. Reaper was the first antivirus software, it was also the first duplicating program, making it the first-ever computer worm.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1980s\"><\/span><strong><em>1980\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The 1980s saw an increase in high-profile attacks, like those at National CSS, AT&amp;T, and Los Alamos National Laboratory. The terms <a href=\"https:\/\/en.wikipedia.org\/wiki\/Trojan_horse_(computing)\">Trojan Horse<\/a> and <a href=\"https:\/\/en.wikipedia.org\/wiki\/Computer_virus\">Computer Virus<\/a> were first used in 1980 s as well. Cybersecurity started to be taken more seriously. Tech users quickly learned to monitor the file size, having learned that an increase in the size of the file was the first sign of potential virus infection. Cybersecurity policies incorporated this, and a reduction in free operating memory remains a sign of attack to this day. Early antivirus software incorporated simple scanners that performed context searches to detect virus code sequences. Most of the scanners also included \u201cimmunizers\u201d that made viruses think the computer was already infected and not attack them ( Similar to our vaccines).<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1990s\"><\/span><strong><em>1990\u2019s<\/em><\/strong><strong>. <\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>New viruses and malware increased in the 1990s, from tens of thousands to around 5 million every year by 2007. In the mid-\u201890s, it was clear that cybersecurity had to be mass-influenced to protect the public. One NASA researcher developed the first <a href=\"https:\/\/en.wikipedia.org\/wiki\/Firewall_(computing)\">firewall<\/a> program, basing it on the structures that prevent the spread of actual fires in buildings. By the end of the 1990s, email was booming and while it promised to revolutionize communication, it also opened up a new entry point for viruses.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"2000s\"><\/span><strong><em>2000\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>With the Internet being a household thing in the early 2000, cyber-criminals had more vulnerabilities to exploit than ever before. As more and more data was being stored digitally, there was more to hack._ <em>In 2001, a new infection technique surfaced: people no longer needed to download \u2013<\/em> visiting an infected website was enough. Viruses infected the clean pages or \u2018hid\u2019 malware on legitimate web pages. Messaging services were also targeted, and worms were designed to propagate via IRC (Internet Chat Relay) channel. The development of<a href=\"https:\/\/en.wikipedia.org\/wiki\/Zero-day_(computing)\"> zero-day<\/a> attacks, which make use of gaps in security software and applications, meant that antivirus was less effective.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"2010s\"><\/span><strong><em>2010\u2019s<\/em><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Cybersecurity tailored specifically to the needs of businesses became more prevalent in 2011. As cybersecurity developed to handle a wide range of attack types, attackers started with their own innovations: multi-vector attacks and Social engineering. Attackers were smarter and antivirus was forced to move from signature-based methods of detection to next-gen innovations.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"How_the_Backend_Looks_Like\"><\/span><strong>How the Backend Looks Like<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Security is something that should be included in all stages of software engineering including architecture. Let us first understand how the back-end functions. Applications or front-end will never have access to the database directly. There is usually a master-slave approach to the architecture where there is an app server in between where the data is scrubbed (for protecting any personal data or PII) before sending it to the front-end.<\/p>\n<p><img decoding=\"async\" class=\"n3VNCb\" src=\"https:\/\/miro.medium.com\/max\/1364\/0*p3QPVXHZznUzpj9w.jpg\" alt=\"Classic backend security design patterns | by Cossack Labs | Medium\" data-noaft=\"1\"><\/p>\n<p>So it is best to distribute security handling since there is no one solution for this. Most applications are framed so that people who are responsible for data management (application admins) are not given access to the underlying database. And people who have data access (Data scientists, Info-sec personnel, etc) are not included in the business end of the operations. The primary reason for this is for auditing. People who change data can do so only through the front end. The front end leaves an audit trail of actions taken. Having an audit trail keeps the application admins accountable. Also, you can prevent the app admins from looking at things they shouldn\u2019t be looking at. Companies also prefer to keep their Architecture secret, since one of the ways to discover a vulnerability in a system is to understand what the underlying architecture is.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Common_Threats_to_Data_Security\"><\/span><strong>Common Threats to Data Security<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>We will now go through some common threats to data security in current times and how you can mitigate them<\/p>\n<ul>\n<li>Injection Flaws \u2013 It happens when you pass unfiltered data to the SQL server, to the browser, to the LDAP server or anywhere else. The problem here is that the attacker can inject commands resulting in loss of data. Organizations that do not follow secure application coding practices and do not perform regular vulnerability tests are open to these attacks.<\/li>\n<li>Broken Authentication \u2013 It\u2019s the first line of defense against unrestricted access. However, if the implementation is poor and there is no proper security policy in place,it can lead to broken authentication. You can avoid it by doing Multi-Factor Authentication, enforcing a good password policy, limit the number of failed logins and incorporate session timeouts.<\/li>\n<li>Cross-Site Scripting (XSS) \u2013 It occurs when the attacker posts some data containing malicious code that the application stores. This vulnerability is on the server-side; the browser simply renders the response. You can mitigate it by validating the input (Check for input length, use regex match and permit specific characters) and by validating output ( this data should be HTML-encoded to sanitize potentially malicious characters )<\/li>\n<li>Insecure Direct Object References \u2013 A internal object such as a file or database key is exposed to the user. The problem with this is that the attacker can provide this reference and, if authorization is broken, the attacker can access the data and manipulate or steal it. The problem can be avoided by storing data internally and not being passed from the client via CGI parameters. Most frameworks have session variables that are well suited for this purpose.<\/li>\n<li>Security Misconfiguration \u2013 It is the implementation of improper security controls, for servers or application configurations. Instances like running the application with debugging enabled in production, having directory listing enabled on the server which leaks valuable information, running outdated software, or having unnecessary services running on the machine may lead to the security vulnerability. The simple security misconfiguration solution is post-commit hooks, to prevent the code from going out with default passwords.<\/li>\n<li>Sensitive Data Exposure \u2013 It occurs when the information is not properly protected in the application. Information such as credentials or sensitive data like credit cards or health records is usually targeted due to this vulnerability.. More than 4000 records are <a href=\"https:\/\/breachlevelindex.com\/\">breached every minute<\/a>. You can mitigate it by encrypting data both at rest and in transit. Incorporate key-based encryption and have a secure backup plan.<\/li>\n<li>Missing function level access control \u2013 This can happen due to authorization failure at the server. You cannot keep an attacker from discovering this functionality and misusing it. Authorization must always be done on the server-side before giving any access or this vulnerability will result in serious problems.<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Some_Basic_Security_Practices_to_Cover_all_the_Bases\"><\/span><strong>Some Basic Security Practices to Cover all the Bases<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Even a small error can allow the attackers to hijack the database systems that can cost up to millions. To prevent such consequences, organizations should always imbibe the \u201ceverything will be broken\u201d threat model to secure databases and prevent valuable information from getting compromised. I have listed a few of the basic security measures you can take for your organization to keep your database safe<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Separate_Web_server_and_Databases\"><\/span>Separate Web server and Databases<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Keep both the servers (application and database) on separate machines. A hosting server for the application can be utilized, but for storing customers\u2019 valuable data, choose a separate database server with security features like multifactor authentication and proper access permissions. Hosting applications and databases on the same machine make it easier for the attackers to break into the system and hack into the administrator account.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Firewalls_and_Malware_Solutions\"><\/span>Firewalls and Malware Solutions<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Once the database is set up, it is important to ensure that is fully protected by a firewall that is capable of filtering any outbound connections and any requests which are meant to access information. The database server should also be protected from any malicious files by installing anti-malware and anti-ransomware software<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Encryption_and_Backups\"><\/span>Encryption and Backups<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Encryption consists of protecting the data with a private key on the application server or the database server. So, even if attackers have access to the database, they cannot decrypt the data easily. Encryption of data in transit is also implemented, where the data is encrypted before it\u2019s transferred over the network from the application server to the database server and vice-versa.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Account_Management\"><\/span>Account Management<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Organizations should ensure the least number of users who can access the database (Usually Data scientist or Infosec personnel). There should be proper authentication (2FA, MFA, etc) process implemented for the users. Database credentials should be stored in a hashed format so they are unreadable. Activity logs should be updated regularly to monitor all the activities regarding queries and requests<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Updated_Operating_Systems_and_Applications\"><\/span>Updated Operating Systems and Applications<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>All the third-party software, APIs, and plugins must be updated to their latest versions. These systems should be updated regularly or whenever the new patches are released. This ensures that the latest versions are capable of immunizing the system with newly discovered cyber threats.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span><strong>Conclusion<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Backend data protection is very important. It is critical for your sensitive data especially with new data protection policies in place all over the world. Using the best security practices, we can stop the most anticipated risks and start a foundation for really solid security for your product.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Software is not like wine and cheese, it does not get better with age, on the contrary, security strength decreases over time because of software obsolescence. Data security has always been important. But since more people are working remotely as a result of the current health crisis, there are more opportunities for unauthorized access to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[72],"tags":[1642,1018,1402,267,981],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.13 (Yoast SEO v20.13) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>A Brief History of Backend Data Security - FileCloud blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A Brief History of Backend Data Security\" \/>\n<meta property=\"og:description\" content=\"Software is not like wine and cheese, it does not get better with age, on the contrary, security strength decreases over time because of software obsolescence. Data security has always been important. But since more people are working remotely as a result of the current health crisis, there are more opportunities for unauthorized access to [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\" \/>\n<meta property=\"og:site_name\" content=\"FileCloud blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/tonidopage\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-24T14:03:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-12-11T15:24:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2021\/05\/FC-Covers-21.png\" \/>\n<meta name=\"author\" content=\"Team FileCloud\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@getfilecloud\" \/>\n<meta name=\"twitter:site\" content=\"@getfilecloud\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Team FileCloud\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\"},\"author\":{\"name\":\"Team FileCloud\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/8a8df071f564aa2c10fa07d6ce60c935\"},\"headline\":\"A Brief History of Backend Data Security\",\"datePublished\":\"2021-05-24T14:03:43+00:00\",\"dateModified\":\"2021-12-11T15:24:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\"},\"wordCount\":2042,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#organization\"},\"keywords\":[\"Backend\",\"Cyber Security\",\"Data encryption\",\"data security\",\"Server\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\",\"url\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\",\"name\":\"A Brief History of Backend Data Security - FileCloud blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#website\"},\"datePublished\":\"2021-05-24T14:03:43+00:00\",\"dateModified\":\"2021-12-11T15:24:39+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.filecloud.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"A Brief History of Backend Data Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#website\",\"url\":\"https:\/\/www.filecloud.com\/blog\/\",\"name\":\"FileCloud blog\",\"description\":\"Topics on Private cloud, On-Premises, Self-Hosted, Enterprise File Sync and Sharing\",\"publisher\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.filecloud.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#organization\",\"name\":\"FileCloud\",\"url\":\"https:\/\/www.filecloud.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg\",\"contentUrl\":\"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg\",\"width\":155,\"height\":40,\"caption\":\"FileCloud\"},\"image\":{\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/tonidopage\",\"https:\/\/twitter.com\/getfilecloud\",\"https:\/\/www.linkedin.com\/company\/codelathe\",\"https:\/\/www.pinterest.com\/filecloud\/filecloud\/\",\"https:\/\/www.youtube.com\/channel\/UCbU5gTFdNCPESA5aGipFW6g\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/8a8df071f564aa2c10fa07d6ce60c935\",\"name\":\"Team FileCloud\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b5818ab931b69298f500d8a184fd2384?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b5818ab931b69298f500d8a184fd2384?s=96&d=mm&r=g\",\"caption\":\"Team FileCloud\"},\"sameAs\":[\"http:\/\/www.filecloud.com\"],\"url\":\"https:\/\/www.filecloud.com\/blog\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"A Brief History of Backend Data Security - FileCloud blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/","og_locale":"en_US","og_type":"article","og_title":"A Brief History of Backend Data Security","og_description":"Software is not like wine and cheese, it does not get better with age, on the contrary, security strength decreases over time because of software obsolescence. Data security has always been important. But since more people are working remotely as a result of the current health crisis, there are more opportunities for unauthorized access to [&hellip;]","og_url":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/","og_site_name":"FileCloud blog","article_publisher":"https:\/\/www.facebook.com\/tonidopage","article_published_time":"2021-05-24T14:03:43+00:00","article_modified_time":"2021-12-11T15:24:39+00:00","og_image":[{"url":"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2021\/05\/FC-Covers-21.png"}],"author":"Team FileCloud","twitter_card":"summary_large_image","twitter_creator":"@getfilecloud","twitter_site":"@getfilecloud","twitter_misc":{"Written by":"Team FileCloud","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#article","isPartOf":{"@id":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/"},"author":{"name":"Team FileCloud","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/8a8df071f564aa2c10fa07d6ce60c935"},"headline":"A Brief History of Backend Data Security","datePublished":"2021-05-24T14:03:43+00:00","dateModified":"2021-12-11T15:24:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/"},"wordCount":2042,"commentCount":0,"publisher":{"@id":"https:\/\/www.filecloud.com\/blog\/#organization"},"keywords":["Backend","Cyber Security","Data encryption","data security","Server"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/","url":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/","name":"A Brief History of Backend Data Security - FileCloud blog","isPartOf":{"@id":"https:\/\/www.filecloud.com\/blog\/#website"},"datePublished":"2021-05-24T14:03:43+00:00","dateModified":"2021-12-11T15:24:39+00:00","breadcrumb":{"@id":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.filecloud.com\/blog\/a-brief-history-of-backend-data-security-and-some-best-practices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.filecloud.com\/blog\/"},{"@type":"ListItem","position":2,"name":"A Brief History of Backend Data Security"}]},{"@type":"WebSite","@id":"https:\/\/www.filecloud.com\/blog\/#website","url":"https:\/\/www.filecloud.com\/blog\/","name":"FileCloud blog","description":"Topics on Private cloud, On-Premises, Self-Hosted, Enterprise File Sync and Sharing","publisher":{"@id":"https:\/\/www.filecloud.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.filecloud.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.filecloud.com\/blog\/#organization","name":"FileCloud","url":"https:\/\/www.filecloud.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg","contentUrl":"https:\/\/www.filecloud.com\/blog\/wp-content\/uploads\/2016\/02\/filecloud_logo_comparison.jpg","width":155,"height":40,"caption":"FileCloud"},"image":{"@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/tonidopage","https:\/\/twitter.com\/getfilecloud","https:\/\/www.linkedin.com\/company\/codelathe","https:\/\/www.pinterest.com\/filecloud\/filecloud\/","https:\/\/www.youtube.com\/channel\/UCbU5gTFdNCPESA5aGipFW6g"]},{"@type":"Person","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/8a8df071f564aa2c10fa07d6ce60c935","name":"Team FileCloud","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.filecloud.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b5818ab931b69298f500d8a184fd2384?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b5818ab931b69298f500d8a184fd2384?s=96&d=mm&r=g","caption":"Team FileCloud"},"sameAs":["http:\/\/www.filecloud.com"],"url":"https:\/\/www.filecloud.com\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts\/30646"}],"collection":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/comments?post=30646"}],"version-history":[{"count":7,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts\/30646\/revisions"}],"predecessor-version":[{"id":32770,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/posts\/30646\/revisions\/32770"}],"wp:attachment":[{"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/media?parent=30646"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/categories?post=30646"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.filecloud.com\/blog\/wp-json\/wp\/v2\/tags?post=30646"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}