Requirements for a secure configuration

A consistently secure configuration of all relevant parts is essential for the overall security level. The following content gives an overview and best-practice advice for maintaining a high level of data security.

General configuration

Airlock IAM can be configured in many different ways. It is the responsibility of the "configuring entity" (usually the integrator) to create a secure configuration.

Use the following as a checklist for securing the configuration:

Do not use default passwords or weak passwords in the configuration.

Do not use dummy or test configuration in live environments.

  • Dummy and test plugins are useful for testing.
  • Mark all configuration that was added to simplify testing with a tag in the comment field (e.g. "TODO"). You may search for these tags in the ConfigEditor search panel.

Use SSL/TLS where possible.

See Securing Airlock IAM with HTTPS

Secure IAM with a Content Security Policy (CSP).

See Content Security Policy for the Loginapp REST UI

Never send the internally used "session ticket cookie" to the client (e.g. by defining it as pass-through cookie in the Airlock Gateway (WAF)).

Always restrict the allowed forward locations in the Loginapp's security settings to the minimum required set of URLs. Failing to do so may result in severe security risks.

When using LDAP or AD directories, make sure that "unauthenticated binds" are not possible in the directory and that "allow empty passwords" is disabled in the IAM configuration unless it is really wanted (it is disabled by default).

Remove unnecessary plugins from the configuration (especially when developing a configuration based on the demo configuration).

For critical services, it is strongly recommended and good practice to have the configuration reviewed by an independent security auditor.

Use safe defaults in the configuration (e.g. use the DenyingAuthenticator as fall-back).
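
An added illustration of the checklist item on restricting allowed forward locations (not Airlock IAM code or configuration; the allowlist entries, hostnames and function names are assumptions). It contrasts a loose string-prefix match with a check that parses the URL first and then compares scheme, host and path prefix.

```python
from urllib.parse import urlsplit

# Constructed allowlist entries: (scheme, host, path prefix). Assumed values.
ALLOWED_FORWARD_LOCATIONS = [
    ("https", "portal.example.com", "/app/"),
    ("https", "portal.example.com", "/account/"),
]


def loose_prefix_check(url: str) -> bool:
    """Weak pattern: raw string prefix, so the host is never pinned."""
    return url.startswith("https://portal.example.com")


def is_allowed_forward_location(url: str) -> bool:
    """Strict check: parse first, then compare scheme, host and path prefix."""
    # Characters that parsers and browsers interpret differently are refused.
    if not url or any(c in url for c in "\\\r\n\t "):
        return False
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    # Userinfo ("user@host") hides the real host from a casual reader.
    if parts.username is not None or parts.password is not None:
        return False
    if port not in (None, 443):
        return False
    host = (parts.hostname or "").lower()
    path = parts.path
    # Refuse dot segments and percent-encoding rather than normalising them.
    if "%" in path or any(seg in (".", "..") for seg in path.split("/")):
        return False
    return any(
        parts.scheme == scheme and host == allowed_host and path.startswith(prefix)
        for scheme, allowed_host, prefix in ALLOWED_FORWARD_LOCATIONS
    )


# Constructed sample inputs: each rejected one fails on a different component.
SAMPLES = [
    "https://portal.example.com/app/home",         # allowed
    "https://portal.example.com.other.test/app/",  # different host
    "https://portal.example.com@other.test/app/",  # userinfo
    "http://portal.example.com/app/",              # wrong scheme
    "https://portal.example.com/app/../admin",     # dot segment
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(loose_prefix_check(sample), is_allowed_forward_location(sample), sample)
```

The same five constructed URLs can serve as review cases when checking that a configured set of forward locations is as narrow as intended.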