Security and Data Protection with 4D v17 – Thomas from the 4D Summit 2018
Security and Data Protection is an incredibly important topic and yet it’s often overlooked until something goes wrong!
4D is secure, straight out of the box, thanks to the integration of the latest technologies and practices such as:
4D helps you comply with GDPR!
In this dedicated GDPR guide of best practices, 4D helps you to build your GDPR compliance and get you started with your General Data Protection Regulation journey.
In this blog post, we’ll focus on a specific key step of this journey: discovery and how 4D can help you create an overview of existing personal data, via a built-in functionality. We’ll even provide you a code example!
Get ready for GDPR with 4D
Taking effect on May 25, the General Data Protection Regulation (GDPR) imposes new privacy restrictions governing the collection and use of personal data of European Union (EU) citizens.
And as a first step to help you get more insight into the GDPR law, we’re pleased to announce the first part of a GDPR dedicated guide: General Data Protection Regulation and 4D.
A+ security ranking for 4D web sites
After introducing Perfect Forward Secrecy, the security level of 4D Web server has been increased again with the support of HTTP Strict transport Security (HSTS). Henceforth, 4D Web server is compliant with the very latest security protocols. Simply upgrade to 4D v17 and enable HSTS to get the A+ ranking (the highest level) from SSL Labs for your web sites!
Backup and Security
There’s a saying about not sweating the small stuff, but when it comes to security, it’s often the little things that have the biggest impact.
On the “Backup” page of Database Settings, you’ll notice an option for an automatic restore of the last backup if your database is damaged. To provide you with the best level of protection for your data, this option is now checked by default for new databases, right out of the box.
Higher security ranking for 4D web sites
HTTPS is a well-known HTTP protocol, covered with a layer of SSL/TLS encryption goodness. This protocol is intended to provide confidentiality and integrity by encrypting communications between your server and your end users, rendering your data secure from prying eyes.
4D v16 R6 takes it a step further: 4D Web server now supports Perfect Forward Secrecy (PFS). This provides you with the highest security level for your communications – by default! Beyond the protection it provides, the support of PFS also increases the SSL audit test results of an out-of-the-box 4D server, which is great for our customers. Especially those working with sensitive information.
Check out our Security Guide!
Over the years, security has become a core topic for business applications. As a 4D developer, you are constantly facing customers who pay close attention to the level of security in the solutions they use for running their everyday businesses.
To help you answer your customers’ security-related questions, we are pleased to announce the release of the 4D Security Guide.
This reference document describes all the built-in tools and techniques involved in creating a secured environment for your business applications: from authentication and TLS encryption, to data access system and data protection. Now it’s time for you to check it out!
Generate digest now supports SHA-2
The digest functions are mathematical functions that compute a digest key for a document. Identical documents have the same digest key; if you change part of the document, the digest key is different. These functions are very useful for checking data integrity when you exchange or compare data. In 4D v16 R5, 4D has enhanced the Generate digest command to support SHA-2 algorithms following security recommendations.
Hash and verify passwords for web user login
Security is becoming an increasingly important topic as business applications become more frequently accessible through the web and are, as a result, more vulnerable to threats. As 4D is closely paying attention to security matters, in 4D v16 R5 we are providing you with a couple of security improvements, and one of them relates to the web users’ password protection through password hashing.
By the way, if you want to know more about how 4D is helping you to protect your data and with the security in general, I recommend you to take a look at this blog post.
More security for your 4D Server
Over the years, security has become a core topic for business applications. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as “SSL”, are cryptographic protocols that provide communications security over a computer network. The TLS version that your application is using for web or client/server connections, for instance, contributes to its security level.
4D supports all TLS versions: 1.0, 1.1 and 1.2. The protocol version used is negotiated between the server and the client when establishing the connection. To increase the security level, beginning with 4D v16 R5, the default minimum supported version is TLS 1.2, older versions are rejected, as they could be unsecure.
Contact us
Got a question, suggestion or just want to get in touch with the 4D bloggers? Drop us a line!
* Your privacy is very important to us. Please click here to view our Policy