This document outlines the policies and procedures for software development, code integration, cryptography standards, and secure system design principles to ensure high code quality, data security, and compliance with organizational best practices.
-
Local Development
- Clone the repository and develop on a local branch.
- Ensure all code changes are made within this branch and are isolated from the
mainbranch.
-
Local Testing
- Test code locally to verify functionality, bug fixes, and improvements.
- Complete type-checking and local testing to ensure the code meets initial quality standards.
-
Pull Request (PR) Creation
- Once local tests pass, create a Pull Request (PR) to merge the local branch into the
mainbranch. - Automated tests will initiate upon PR creation.
- Once local tests pass, create a Pull Request (PR) to merge the local branch into the
-
Continuous Integration (CI) and Automated Testing
- Wait for all automated tests to complete. Only proceed if these tests pass, ensuring initial code quality and adherence to standards.
-
Manual Code Review
- A manual review is required after CI tests pass. Another developer or authorized reviewer should thoroughly inspect the code.
- Address any feedback or requested changes.
-
Staging Environment
- Upon receiving approval, the code will be merged into the
stagingenvironment. - The staging branch is used for further testing to simulate the production environment as closely as possible.
- Upon receiving approval, the code will be merged into the
-
Production Deployment
- Code in the
stagingbranch will be manually moved to theproductionenvironment during a designated deployment window. - This step ensures final validation and controlled release to end users.
- Code in the
The following standards outline cryptographic practices to safeguard data in transit, at rest, and in use.
| Domain | Key Type | Algorithm | Key Length | Max Expiration |
|---|---|---|---|---|
| Web Certificate | RSA or ECC with SHA-2+ signature | RSA or ECC with SHA-2+ signature | 2048 bit or greater for RSA, 256 bit or greater for ECC | Up to 1 year |
| Web Cipher (TLS) | Asymmetric Encryption | Ciphers with B or higher grade on SSL Labs Rating | Varies | N/A |
| Confidential Data at Rest | Symmetric Encryption | AES | 256 bit | 1 Year |
| Passwords | One-way Hash | Bcrypt, PBKDF2, scrypt, Argon2 | 256 bit + 10,000 iterations. Include unique cryptographic salt and pepper | N/A |
| Endpoint Storage (SSD/HDD) | Symmetric Encryption | AES | 128 or 256 bit | N/A |
Notes:
- Web Certificate: Renew certificates annually to maintain a high level of security.
- Web Cipher (TLS): Ensure ciphers used are rated B or higher to avoid insecure connections.
- Confidential Data at Rest: Use AES with a key length of 256 bits, and rotate keys annually.
- Passwords: Hash passwords with secure algorithms that include stretching, salt, and pepper for added resilience against brute-force attacks.
- Endpoint Storage: Encrypt data on SSDs and HDDs with AES using a 128-bit or 256-bit key, depending on security requirements.
To ensure secure and privacy-conscious engineering practices, secure-by-design and privacy-by-design principles shall be established, documented, maintained, and applied to all information system implementation efforts. These principles provide a foundation for building robust systems that prioritize security and privacy.
- Minimize Attack Surface Area: Limit the areas of the system that are exposed to potential attacks.
- Establish Secure Defaults: Default settings should prioritize security; users should not have to configure the system to make it secure.
- Principle of Least Privilege: Ensure that systems and users only have the minimum level of access necessary.
- Principle of Defense in Depth: Implement multiple layers of security to protect against potential breaches.
- Fail Securely: Design the system to fail in a secure manner to prevent data leakage or access breaches.
- Don’t Trust Services: Assume that external services may not be secure and verify or validate data as necessary.
- Separation of Duties: Divide critical tasks among multiple people to prevent unauthorized actions.
- Avoid Security by Obscurity: Security should not rely solely on obscuring details but on strong controls.
- Keep Security Simple: Simplify security mechanisms to avoid introducing complex vulnerabilities.
- Fix Security Issues Correctly: Address security issues comprehensively to avoid creating new vulnerabilities.
- Proactive not Reactive; Preventative not Remedial: Build privacy measures into the design to prevent issues rather than responding reactively.
- Privacy as the Default Setting: Configure systems to protect user privacy by default.
- Privacy Embedded into Design: Integrate privacy considerations directly into the system's design and architecture.
- Full Functionality – Positive-Sum, not Zero-Sum: Design systems that enable both functionality and privacy without compromises.
- End-to-End Security – Full Lifecycle Protection: Protect data throughout its lifecycle, from creation to deletion.
- Visibility and Transparency – Keep it Open: Ensure that system operations and data handling practices are transparent and understandable.
- Respect for User Privacy – Keep it User-Centric: Prioritize user privacy rights and controls throughout the system’s design and operation.
By implementing these principles, our development and engineering practices will support secure and privacy-respecting systems, ensuring compliance with regulatory standards and building trust with users.
This policy document defines the workflow for code development, review, and deployment, along with cryptographic standards and secure-by-design and privacy-by-design principles. By adhering to these guidelines, the development team ensures code quality, maintains data security, upholds user privacy, and meets organizational and compliance standards.