Necessary Precautions to be taken in Software to pass security Audit

[Balaji Shetty]

Good Evening

 

 One query raised. My project is Government and it must pass through Security Audits. Company may be indian Government.

It was built in Django with Sqlite backend. It is hosted on Pythonanywhere. 90% work is accomplished in backend only.

Only report and graph display are in frontend.

My backend is Sqlite. Should I switch to Postgresql for security reason.

What are additional precautions I must take to pass the audit for Software Approval 

Is there any web site giving guidance.

--
Mr Shetty Balaji
Asst. Prof.
IT Department
SGGS I&T
Nanded. My. India

[Mike Dewhirst]

On 19/12/2019 12:37 am, Balaji Shetty wrote:

Good Evening

 

 One query raised. My project is Government and it must pass through Security Audits. Company may be indian Government.

It was built in Django with Sqlite backend. It is hosted on Pythonanywhere. 90% work is accomplished in backend only.

Only report and graph display are in frontend.

My backend is Sqlite. Should I switch to Postgresql for security reason.

I prefer PostgreSQL for many reasons but like any DBMS it is only as secure as the machine on which it runs and the passwords and/or certificates with which you lock it down. It does have a setting "listen_addresses" which can also be locked down to an ACL of IP addresses if you wish.

What are additional precautions I must take to pass the audit for Software Approval 

Is there any web site giving guidance.

--
Mr Shetty Balaji
Asst. Prof.
IT Department
SGGS I&T
Nanded. My. India

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAECSbOuPoODFfePd4iz1ZBPkBpcLQ6%3DkcR58KUuHrkc%3DCkMn5Q%40mail.gmail.com.