Low Code in 30: Comprehensive Security

Join Jeff Goldberg, member of the Mendix Evangelist Team, and learn about all the ways the Mendix platform keeps your apps secure in this rendition of Low-Code in 30.

Transcript

[00:00:01.199]
Hello and welcome to low code and thirty.

[00:00:03.459]
I’m jeff goldberg, member of the evangelist

[00:00:05.559]
team at bendix, and in today’s webinar,

[00:00:07.860]
we’re going to spend the next thirty minutes discussing

[00:00:10.269]
security in the medics platform.

[00:00:13.311]
Loco ten thirty is run on a monthly basis,

[00:00:15.922]
and if this is the first time you’ve joined us,

[00:00:18.292]
we have covered a number of topics over the

[00:00:20.323]
last six months related to the medics application

[00:00:22.882]
development platform. I encourage you

[00:00:24.972]
to visit our youtube channel and view

[00:00:27.021]
our previous webinars and subscribe

[00:00:29.051]
to her channel so that you could get notified

[00:00:32.332]
as we add new content regularly.

[00:00:35.631]
Let’s jump in with a quick overview of what

[00:00:37.682]
men dix is, and then we’ll talk about the

[00:00:39.731]
comprehensive approach. Medics takes

[00:00:41.822]
two security afterward. We’ll take a few

[00:00:43.832]
minutes for q and a

[00:00:47.148]
medics was born to help enterprises win

[00:00:49.317]
with apse because it’s the fastest and easiest

[00:00:51.707]
low code platform to create and continuously

[00:00:54.368]
enhance any kind of app at scale,

[00:00:56.728]
including web aps, offline, first

[00:00:58.777]
mobile aps.

[00:01:02.670]
Rest a pea eye’s micro services and

[00:01:04.829]
more to fit a variety of use cases

[00:01:07.120]
medics helps you achieve your goals through a

[00:01:09.170]
visual model driven development platform

[00:01:11.870]
enabling professional developers and stakeholders

[00:01:14.530]
in the blind of business

[00:01:16.159]
to collaborate throughout the entire application

[00:01:18.799]
lifecycle everything from requirements

[00:01:21.069]
gathering development

[00:01:25.417]
deployment

[00:01:26.376]
and finally operating are integrated

[00:01:28.956]
into the platform to help make developers

[00:01:31.257]
lives easier and to bring them closer

[00:01:33.406]
to their customers.

[00:01:35.590]
As a result, development is faster

[00:01:37.629]
and more efficient because the business

[00:01:39.719]
and combined their domain expertise

[00:01:42.180]
during application creation. Application

[00:01:44.629]
quality is significantly higher because

[00:01:46.870]
requirements and outcomes are in alignment

[00:01:49.159]
and total cost of ownership is lower

[00:01:51.280]
because adopting an agile and enter

[00:01:53.640]
of process

[00:01:55.926]
reduces rework after applications

[00:01:58.206]
go live.

[00:02:00.909]
Abso purity has been a top of mind

[00:02:02.938]
topic for a long time, and it

[00:02:04.978]
continues to be a top consideration

[00:02:07.539]
in choosing any platform or software

[00:02:09.838]
as a service at men. Dicks

[00:02:11.938]
security rest on four pillars

[00:02:14.109]
to insure aps built on the platform

[00:02:16.378]
are protected from end to end.

[00:02:18.459]
It starts with compliance.

[00:02:21.633]
An information security management system

[00:02:24.133]
designed in compliance with iso standards

[00:02:26.832]
to protect the platform and the customers

[00:02:29.223]
aps running on it from

[00:02:31.293]
would be attackers and threats.

[00:02:34.534]
Cloud security involves encrypting

[00:02:36.764]
information and communications exchange

[00:02:39.395]
inside and outside the platform,

[00:02:41.835]
along with other services to protect

[00:02:44.145]
cloud operations, platform

[00:02:46.375]
security handles authentication

[00:02:48.625]
and user rules, making sure users

[00:02:50.814]
have the right capabilities to contribute

[00:02:53.044]
toe app development.

[00:02:56.743]
And application security, controlling

[00:02:58.933]
app authentication users security

[00:03:01.473]
and module security, which control

[00:03:03.764]
aspects of the user experience as well

[00:03:05.973]
as the data and users interact with

[00:03:08.183]
during a session

[00:03:09.313]
today, will cover the first two in brief and

[00:03:11.554]
then dive a little deeper into platform security.

[00:03:14.044]
And then i’ll go into the model er and show you how to

[00:03:16.093]
set up authentication, using o off

[00:03:19.681]
and authorization with user and module

[00:03:22.042]
security.

[00:03:25.963]
To provide the most secure environment possible.

[00:03:28.433]
Medics has implemented an information

[00:03:30.493]
security management system in accordance

[00:03:32.794]
with the s o. I’m twenty

[00:03:34.843]
seven thousand one standard. Instead

[00:03:36.913]
of relying on our cloud providers certification,

[00:03:39.524]
we’ve built our own framework of controls

[00:03:41.663]
for information risk management and

[00:03:43.713]
attained accreditation across

[00:03:47.123]
all the cloud infrastructure men dix

[00:03:49.183]
is available.

[00:03:51.745]
You can view our

[00:03:53.014]
twenty seven thousand won certification

[00:03:55.375]
within the medics platform evaluation guide.

[00:03:57.865]
In addition to the standard,

[00:04:00.657]
medics has several other assurance reports

[00:04:02.796]
confirming security controls management,

[00:04:04.986]
including thirty four

[00:04:06.997]
to type two

[00:04:09.461]
a sock, one type to certification

[00:04:12.192]
and starr certification.

[00:04:14.262]
Because we take security seriously,

[00:04:16.692]
we engage in periodic assessments of

[00:04:18.771]
the security controls we have in place to

[00:04:20.791]
make sure we evaluate and mitigate

[00:04:22.961]
information, security threats and vulnerabilities

[00:04:25.831]
systematically.

[00:04:30.266]
Medics, employees, several different configurable

[00:04:32.846]
measures to secure data and the

[00:04:34.886]
platform experience at the cloud

[00:04:37.055]
level, starting with security controls.

[00:04:39.206]
It begins with using t l s encryption,

[00:04:41.466]
using certificates to provide anto

[00:04:43.675]
and protection for data transporting

[00:04:45.706]
between the client and the application

[00:04:48.245]
to control inbound access to the app,

[00:04:50.586]
you may restrict can activity to an

[00:04:52.656]
i p address range or use a client

[00:04:54.745]
certificate or both.

[00:04:59.285]
While minutes provides certificates using

[00:05:01.535]
men dick specified domains, it is possible

[00:05:03.995]
to use a custom domain with full certificate

[00:05:06.464]
support to own the earl axis

[00:05:08.935]
management in medic starts at the cloud

[00:05:10.995]
operations level,

[00:05:12.464]
where a technical contact for each application

[00:05:14.954]
establishes control of their cloud

[00:05:17.165]
note and the roles for additional users

[00:05:19.605]
for cloud ops rules.

[00:05:23.576]
Users may have access to deploy aps

[00:05:25.976]
access. Backups have a p

[00:05:28.026]
i access and performance monitoring

[00:05:31.790]
for secure backup medics. Provides

[00:05:34.110]
several app backup options

[00:05:36.221]
with history in geographically dispersed,

[00:05:38.411]
secure locations to maintain

[00:05:40.571]
app integrity during disasters, medics

[00:05:42.891]
offers high availability through deployment

[00:05:44.930]
to multiple availability zones and

[00:05:47.350]
auto recovery.

[00:05:49.139]
In accordance with our certifications, we

[00:05:51.160]
perform disaster recovery tests

[00:05:54.343]
on the platform quarterly.

[00:05:56.432]
The medics platform provides extensive

[00:05:58.533]
logging throughout the whole application

[00:06:00.682]
life cycle, from design,

[00:06:02.750]
development to deployment

[00:06:04.339]
as well as run time. There is a full audit

[00:06:06.449]
trail of the activities performed in

[00:06:08.490]
the platform.

[00:06:11.966]
The medics. Cloud operates on the

[00:06:14.007]
basis of cloud notes run on cloud

[00:06:16.336]
foundry containers hosting autonomous

[00:06:18.646]
instances of the medics run time.

[00:06:21.266]
Each cloud note has separate test acceptance

[00:06:24.057]
and production environments.

[00:06:26.016]
Each environment and ap containers

[00:06:28.047]
there in

[00:06:28.916]
effectively shield each app from

[00:06:31.197]
one another from a resource and

[00:06:33.297]
a security perspective. To learn more details

[00:06:35.906]
about medics. Cloud security

[00:06:37.857]
review our extensive security section

[00:06:40.206]
in the evaluation guide

[00:06:41.786]
medics platform security is driven through

[00:06:43.896]
a provisioning service called mx

[00:06:47.670]
i’d mx. I’d handles authentication

[00:06:50.189]
to the platform for interaction during

[00:06:52.220]
the application development life cycle. In

[00:06:54.310]
addition, the platform portal provides

[00:06:56.459]
role based user access at the platform

[00:06:58.819]
and application level.

[00:07:02.401]
Company advance for a tenant

[00:07:04.432]
in the medics cloud have the ability

[00:07:06.581]
to manage users through their mx

[00:07:08.591]
id and configure their role based

[00:07:10.651]
access to environments to deploy

[00:07:12.742]
and manage aps. Each app has

[00:07:14.872]
its own security interface for creating

[00:07:17.192]
in configuring user rolls. You invite

[00:07:19.521]
team members to the ap project, and

[00:07:21.622]
when you do,

[00:07:24.278]
you assign them a rule, granting them certain

[00:07:26.458]
permissions to access and control aspects

[00:07:28.737]
of the app

[00:07:30.456]
medics and forces segregation of duties.

[00:07:32.966]
Therefore, general management, think

[00:07:34.995]
of service accounts are not allowed. This

[00:07:37.125]
insures all actions are traceable to

[00:07:39.146]
a specific person.

[00:07:42.494]
It is possible to set up two factor

[00:07:44.764]
authentication with the medics platform.

[00:07:46.853]
We’ll cover that in a future session.

[00:07:52.262]
Taking a few moments to look inside the platform

[00:07:54.562]
portal. There are a number of sections on

[00:07:56.661]
the side menu for administrating an

[00:07:58.732]
application. I’m going to walk through the team

[00:08:00.862]
section on lee today

[00:08:03.278]
because it’s relevant to our security conversation.

[00:08:05.889]
The team section lists the users

[00:08:07.959]
with access to the application and the rules

[00:08:10.319]
they play as a member of the app development

[00:08:12.579]
team for this specific app. As

[00:08:14.939]
thie app owner, i have control over who

[00:08:16.988]
to invite to the application.

[00:08:20.642]
I want to invite my colleague simon and chris

[00:08:23.023]
to the project because i’ll need their expertise

[00:08:25.413]
during the at build.

[00:08:27.158]
When i type in their names, auto complete

[00:08:29.468]
finds them for me because they have mx

[00:08:31.487]
idea accounts within my company.

[00:08:33.567]
In adding simon and chris, i’m prompted

[00:08:35.618]
to give them a role in the project. Each

[00:08:37.918]
medics app comes with six default

[00:08:39.927]
rolls to choose from, but you can create mohr

[00:08:42.288]
to fit your agile team more on that

[00:08:44.518]
in a minute. I can personalize a message

[00:08:51.844]
confirm

[00:08:52.898]
and i’m good. Simon and chris are added

[00:08:54.947]
to the ap. They’ll receive an email with a clickable

[00:08:57.197]
link that will bring them to the medics portal

[00:08:59.327]
or the next time, when they go into the portal,

[00:09:01.488]
a notification will appear, prompting them

[00:09:03.648]
to accept the invitation. So what

[00:09:05.677]
do you do if you need to create custom rules

[00:09:07.947]
clicking on the manage team button?

[00:09:13.059]
And roll settings provides an interface for creating

[00:09:15.450]
new rules and editing existing ones. The

[00:09:17.519]
only one that can’t change is the scrum master

[00:09:19.899]
role because it’s

[00:09:21.403]
the boss roll. Creating a new role

[00:09:23.552]
enables you to set a number of permissions. And

[00:09:25.702]
there’s a handy security guide to help

[00:09:27.702]
determine what level of access you may want

[00:09:29.702]
to give the role. With bendix, you

[00:09:31.763]
have complete control of the platform user

[00:09:33.962]
experience. Put another way, this is

[00:09:36.023]
the first level of access control to

[00:09:38.082]
determine the experience members of the development

[00:09:40.363]
team. We’ll

[00:09:43.860]
have in the medics platform.

[00:09:49.126]
When we arrive at application level security

[00:09:51.527]
and bendix control becomes expansive

[00:09:53.966]
and layered

[00:09:55.927]
with applications security. You’re covered

[00:09:58.187]
with authentication to the ap,

[00:10:00.427]
which is a distinction from platform authentication,

[00:10:03.297]
which is used to control access to the development

[00:10:05.567]
environment.

[00:10:07.159]
Application level user rolls you define

[00:10:09.769]
that are tied to module rolls established

[00:10:12.409]
in each module.

[00:10:14.159]
This enables plugin modules. Things

[00:10:16.370]
that you would grab from a public repository

[00:10:18.730]
or reasonable content

[00:10:20.220]
actually have their own security that can be

[00:10:22.279]
inherited by the parent application.

[00:10:24.960]
And then for each of those modules, you

[00:10:27.120]
define page, micro flow

[00:10:29.379]
and entity access

[00:10:31.470]
and assign module rolls

[00:10:34.220]
to those rules. And we’re going to get into that

[00:10:36.409]
in a deeper level, in a more visual

[00:10:38.519]
level in a few minutes.

[00:10:40.659]
Depending on how authentication is set up in the

[00:10:42.690]
medics application,

[00:10:44.360]
it’s possible to provisioned users based

[00:10:46.570]
on the attributes sent through during

[00:10:48.759]
the authentication process.

[00:10:50.960]
So let’s jump into a demo where

[00:10:53.200]
we’ll set up an oath connection,

[00:10:55.419]
and then we’ll also establish some user

[00:10:57.610]
in module security in the app,

[00:10:59.960]
we’ll log in and we’ll review

[00:11:02.009]
the access based on that and see

[00:11:04.350]
what the user sees

[00:11:09.961]
has become a popular standard in the past

[00:11:12.171]
few years

[00:11:13.000]
as a way to limit storing passwords in applications,

[00:11:15.971]
thus giving developers a good balance

[00:11:18.130]
between usability and security. In

[00:11:20.270]
mende ix, implementing oh off or

[00:11:22.350]
samuel in your aps is pretty straight forward

[00:11:24.921]
through the medics app store.

[00:11:26.794]
The app store is an online repository of share

[00:11:29.095]
a bowl and reusable components you can download

[00:11:31.455]
directly into your projects

[00:11:33.595]
and begin to use. That said, you

[00:11:35.725]
may choose to rule your own authentication module,

[00:11:38.315]
and the openness and extensive ability of the platform

[00:11:41.085]
allows you to create java actions and

[00:11:43.264]
write custom java code to support your

[00:11:45.355]
needs. Once the module is built,

[00:11:47.495]
it could be shared on the app store in public

[00:11:49.625]
or private modes for the community

[00:11:52.900]
or your development team to benefit from.

[00:12:02.980]
So today i’ve taken the role my own approach

[00:12:05.240]
because i want to use the domain model to

[00:12:07.320]
store my oath configurations.

[00:12:09.523]
This will enable me to write less custom code

[00:12:11.802]
and it will make configuring new providers easier.

[00:12:14.273]
Let’s start with the configuration. I’ve got the

[00:12:16.413]
app running on my local machine and i’m in

[00:12:18.452]
the configuration over view. You can see

[00:12:20.753]
i have configuration for octa and sales

[00:12:23.003]
force. When i opened the sails for century,

[00:12:25.133]
i’m able to set the appropriate attributes

[00:12:27.302]
i need to complete and a handshake.

[00:12:32.933]
To help connect to providers. I’ve

[00:12:35.092]
created a few java actions that read

[00:12:37.123]
the information in the configuration and help

[00:12:39.363]
make the

[00:12:40.202]
module flexible. In addition, i

[00:12:42.222]
have created a micro flow that returns

[00:12:44.312]
the configuration for the called upon configuration.

[00:12:47.163]
I’ll deploy the project to eclipse where i

[00:12:49.202]
can code the remainder of the flow inside

[00:12:51.653]
of eclipse.

[00:12:55.956]
I have full access to the medics model

[00:12:57.956]
through the model s decay. This enables

[00:13:00.009]
me to use java and medics models

[00:13:02.190]
to create the solution i need in the most

[00:13:04.200]
efficient way possible to support

[00:13:06.240]
my oath configuration. I call the

[00:13:08.250]
micro flow from the java code and gain

[00:13:10.350]
access to all that information without

[00:13:12.519]
having to duplicate effort. Hand

[00:13:14.549]
coating what i need. Another cool thing

[00:13:16.759]
is once i’m in eclipse.

[00:13:21.048]
I could debug my application from here.

[00:13:23.129]
Let’s check it out. I fire up the d bugger

[00:13:25.369]
and fire up the log in page. I’ve created

[00:13:27.759]
a simple one here that enables me to log

[00:13:30.038]
into sales force. When i click the button,

[00:13:32.339]
a clips pipes up because i set

[00:13:34.448]
a break point in the java code. Even

[00:13:36.448]
though i am running an application through men

[00:13:38.538]
dicks, i’m able to debug my custom

[00:13:40.788]
code when i click through.

[00:13:46.778]
I log into sales for us.

[00:13:48.528]
It sends me back to the home page for my ap.

[00:13:50.798]
Once the authentication is complete. Now, let’s

[00:13:52.839]
go into securing the app. Once authenticated

[00:13:55.158]
users have entered.

[00:14:07.847]
We’ve taken a bit of a top down approach to

[00:14:09.878]
security governance throughout this webinar,

[00:14:12.057]
but now we’re going to switch directions and talk

[00:14:14.267]
about user rolls and module rolls.

[00:14:16.917]
The diagram on display is a

[00:14:18.927]
representation of how users

[00:14:21.106]
are bundled into user rolls,

[00:14:24.316]
basically the equivalent of groups in

[00:14:26.326]
a directory service and in an application

[00:14:29.096]
the user rules that have explicit access

[00:14:31.166]
to modules. Within that application.

[00:14:33.566]
The distinction between user rules and

[00:14:35.645]
module rolls is made because we want

[00:14:37.735]
modules to be self contained

[00:14:39.875]
and independent from the project.

[00:14:42.753]
This promotes reusability and efficiency

[00:14:45.283]
because shared modules carry their module

[00:14:47.842]
rolls,

[00:14:49.120]
which can be added to the user rolls

[00:14:51.460]
of the main project in a couple of clicks,

[00:14:54.159]
it sounds a bit confusing.

[00:14:57.591]
But what i’m going to do is review

[00:14:59.741]
the user and module roll section

[00:15:02.081]
of the training management app that

[00:15:04.211]
you have the opportunity to build in

[00:15:06.322]
the become a rapid developer training

[00:15:08.682]
on the medics academy website.

[00:15:13.038]
Medics. Ab security has three levels

[00:15:15.258]
you can set for the project

[00:15:17.738]
prototype and production. I’m setting

[00:15:20.008]
the project to production because i want to

[00:15:22.077]
build out and test access control

[00:15:24.077]
for pages, micro flows and

[00:15:26.207]
entities.

[00:15:29.605]
Prototype enables the first two

[00:15:31.754]
page and micro flow security, but

[00:15:34.075]
not entity level security. Once

[00:15:36.235]
i flipped the bit to production, the window

[00:15:38.455]
expands to show page and mike flow

[00:15:40.764]
access are incomplete. This is happening

[00:15:43.225]
because certain pages and micro flows

[00:15:45.384]
do not have roles assigned.

[00:15:50.187]
And roll assignment is a requirement for

[00:15:52.236]
aps deployed into production.

[00:15:55.047]
Before we address that,

[00:15:56.647]
we need to add a trainee user

[00:15:58.697]
rule to reduce the access of users

[00:16:01.047]
will be taking classes

[00:16:02.787]
toe on ly, be able to sign up and view

[00:16:04.996]
those classes we don’t want them creating.

[00:16:07.876]
When i create the trainee role, i choose

[00:16:10.246]
which module rules it will have access

[00:16:12.307]
to in the project.

[00:16:16.611]
Here. I’m keeping it out of some modules

[00:16:18.991]
completely and adding it as a user

[00:16:21.261]
to the administration module.

[00:16:23.111]
So users with that role will be ableto log

[00:16:25.481]
into the app.

[00:16:30.000]
Now that the trainee roll exists,

[00:16:32.500]
real time air checking has kicked in because

[00:16:34.909]
it’s seen that there are

[00:16:36.940]
aspects of the model that

[00:16:39.059]
don’t have assignments

[00:16:41.100]
to the trainee roll. So we need to take care

[00:16:43.289]
of that to secure the app. And now that i know

[00:16:45.460]
what i need to fix, i can double click

[00:16:47.659]
on one of the errors and will take me right

[00:16:49.789]
to the issue for now.

[00:16:54.471]
I’ll open the module security from

[00:16:56.871]
my module using the project explorer.

[00:16:59.613]
Each tab has a detailed matrix of

[00:17:01.613]
their object relative to the user roll.

[00:17:03.972]
When i make the adjustments and exit the screen,

[00:17:06.633]
all the errors disappear.

[00:17:15.153]
The last thing i’m gonna do is at a role based

[00:17:17.364]
home page for the training. I don’t wantto

[00:17:19.824]
have access to the main home page with the buttons.

[00:17:25.977]
And then earlier i created some demo

[00:17:28.037]
users for the teacher and trainee to

[00:17:30.196]
test user module security. Before

[00:17:32.477]
i deploy, i’m going to put the tap back

[00:17:34.836]
into prototype mood because it enables

[00:17:36.936]
me to easily switch between these users

[00:17:39.297]
during testing. Alright, i’m set to prototype.

[00:17:44.554]
We’ve deployed the app.

[00:17:46.134]
Let’s go ahead and check it out when i log in is

[00:17:48.273]
the admin. I have a fully rendered home

[00:17:50.413]
page of actions i can perform. When

[00:17:52.493]
i switched to the teacher, the home page appears,

[00:17:55.203]
but the button creating a training event

[00:17:57.294]
is gone. When i switched to the trainee

[00:18:12.429]
i’m presented with a different page altogether.

[00:18:17.781]
User and module security provide

[00:18:19.882]
me as a developer very fine

[00:18:22.061]
level of access control on the app side

[00:18:24.231]
build segregating module security

[00:18:26.592]
from the project to ensure ease of reusability

[00:18:29.442]
of the modules i build, however,

[00:18:32.386]
giving me the ability to wire them back

[00:18:34.636]
into a project easily

[00:18:36.416]
because i can use pre defined roles

[00:18:38.717]
in those plug in modules

[00:18:40.686]
to define what users have access to

[00:18:43.126]
recapping what we’ve covered today.

[00:18:44.926]
Medics delivers comprehensive security

[00:18:47.237]
at multiple levels to deliver a

[00:18:49.267]
platform for building apse with confidence

[00:18:52.146]
from industry standard compliance for cloud

[00:18:54.416]
operations to the specific activities

[00:18:56.737]
users may perform when interacting

[00:18:58.906]
with an app.

[00:19:02.442]
Medics provides a visual and streamlined

[00:19:04.832]
approach to implementing security with

[00:19:06.951]
low code.