I was at a meeting recently for our startup. For half an hour, I was listening to one of the key people on the team talk about timelines, the market, confidentiality, being there first and so on. But I couldn't help asking myself the question: all that talk about confidentiality is nice, but there isn't much talk about physical security. This thing we're working on is web-hosted. What if, after uploading it to the webhost, someone walks into the server room (I don't even know where that is) and grabs a copy of the code and the database? The database is encrypted, but with access to the machine, you'd have the key.

What do the big boys do to guard the code from being stolen? Is it common for startups to host it themselves in some private data center or what? Does anyone have facts about what known startups have done, like digg, etc.? Does anyone have firsthand experience on this issue?

+3  A: 

Most big players in the hosting biz have a solid security policy on their servers. Some very advanced technology goes into securing most high end data centers.

Check out the security at the host that I use
http://www.liquidweb.com/datacenter/

rockinthesixstring
@titano - If this is what bothers you, then you shouldn't host it anywhere, because the human factor will always be there. You have to put some trust into this equation or else you'll have to host it yourself... at a tremendous cost in time and money.
Gert G
On the off chance that a crook slips past the preliminary hiring policies, background checks, and security measures, and does walk into the server room with intentions of no-good, they will be watched and recorded the entire time they're in there. Their visit is logged, and if you have a complaint, they'll know what's up. Also, if you have a dedicated server, they "shouldn't" have your Administrator password either... only you should have that... meaning they have to pull your HDD to gain access to it.
rockinthesixstring
Yes, you can host your own as well. For the reliability and uptime provided by companies like LiquidWeb, you should easily be able to match that for a single server at only a cost of about 5k-10k per month.
rockinthesixstring
@Gert, I understand your logic. It's the same logic by which we (the people building the software) were hired. But I'm wondering what other known startups have done out of interest, as in what's the best practice.
titano
If security is "that" important to the company that hired you, then you really need to tell them that the only secure solution is to host it all in house (at a tremendous cost as @Gert said)
rockinthesixstring
Also on the code side, you can obfuscate your code, encrypt the database, encrypt the connection string, and make sure you're developing in a compiled language... this way, even if the assembly is stolen, it'll be a hell of a job hacking into it.
rockinthesixstring
Liquid Web is not that expensive, but if you were to do what they're doing on your own... it would be a HUGE cost. Since they can spread the cost out over thousands of dedicated users, then the cost per user is a lot less.
rockinthesixstring
would the down voter please comment?
rockinthesixstring
+2  A: 

What if after uploading it to the webhost, someone walks into the server room (don't even know where that is) and grabs a copy of the code and the database. The database is encrypted, but with access to the machine, you'd have the key.

Then you're screwed :-) Even colo or rented servers should be under an authorized-access only policy, that is physically enforced at the site. Of course that doesn't prevent anyone from obtaining the "super secret" code otherwise. For that, hire expensive lawyers and get insurance.

pst
There are some colos with dual key security. You get one of the keys and they get one of the keys... the door doesn't open without both.
rockinthesixstring
+3  A: 

Very few people are interested in seeing your source code. The sysadmins working at your host are most likely in this group. It's probably not the case that they can copy your code, paste it on another host and be up and running, stealing your customers in 42 minutes.

People might be interested in seeing the contents of your DB if you're storing things like user contact information (or even more extreme, financial information). How do you protect against this? Do the easy, host independent things (like storing passwords as hashes, offloading financial data to financial service providers, HTTPS/SSL, etc.) and make sure you use a host with a good reputation. Places like Amazon (with AWS) and RackSpace would fail quickly if it got out that they regularly let employees walk off with customer (your) data.

How do the big boys do it? They have their own infrastructure (places like Google, Yahoo, etc.) or they use one of the major players (Amazon AWS, Rackspace, etc.).

How do other startups do it? I remember hearing that Stack Overflow hosts their own infrastructure (details, anyone?). This old piece on Digg indicates that they run themselves too. These two instances do not mean that all (or even most) startups have an internal infrastructure.

labratmatt
+1 - well said @labratmatt, exactly what I was trying to say as well.
rockinthesixstring
Hackers are **very** interested in seeing your source code and configuration files.
Rook
+1  A: 

By sharing user accounts on the same system you have more to worry about. It can be done without ever having a problem, but you are less secure than if you controlled the entire system.

Make sure your code is chmod 500, or even chmod 700; as long as the last 2 are zeros, then you're better off. If you do a chmod 777, then everyone on the system will be able to access your files.

However there are still problems. A vulnerability in the Linux kernel would give the attacker access to all accounts. A vulnerability in MySQL would give the attacker access to all databases. By having your own system, then you don't have to worry about these attacks.

Rook
Providing, of course, he's developing for a Linux environment.
rockinthesixstring
@rockinthesixstring Oh right, well he is completely screwed if he is under Windows.
Rook
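
The permission advice in the last answer (modes such as 500 or 700, where the last two octal digits are zero) can be checked mechanically. The script below is an added example, not part of the original thread; the function names and the sample tree are hypothetical and constructed for illustration. It lists every entry under a directory that grants any permission to group or other, then strips those bits.

```shell
#!/bin/sh
# Added example: audit a web root on a shared host for files that other
# accounts can touch, i.e. modes whose last two octal digits are not zero.

# list_exposed DIR: print every file or directory under DIR with any
# group/other permission bit set. Symlinks are skipped because their own
# mode bits are not what the kernel checks.
list_exposed() {
    find "$1" ! -type l \( \
        -perm -040 -o -perm -020 -o -perm -010 -o \
        -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# count_exposed DIR: number of exposed entries (0 means owner-only access).
count_exposed() {
    list_exposed "$1" | wc -l | tr -d ' '
}

# lock_down DIR: remove all group/other bits, leaving owner bits unchanged
# (777 becomes 700, 644 becomes 600, 500 stays 500).
lock_down() {
    chmod -R go-rwx "$1"
}

# Demo on a constructed sample tree (not a real site).
demo() {
    root=$(mktemp -d)
    mkdir "$root/app"
    : > "$root/app/index.php";  chmod 700 "$root/app/index.php"
    : > "$root/app/config.php"; chmod 777 "$root/app/config.php"
    : > "$root/app/db.key";     chmod 644 "$root/app/db.key"
    chmod 700 "$root" "$root/app"
    echo "before: $(count_exposed "$root") exposed"
    list_exposed "$root"
    lock_down "$root"
    echo "after:  $(count_exposed "$root") exposed"
    rm -rf "$root"
}
demo
```

This only covers the file-mode part of that answer; it does nothing about the kernel or database vulnerabilities the answer also mentions.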