Security
DHCW adheres to the ISO 27001 standard for Information security management. To comply with certification requirements, you MUST follow secure development practices, including:
-
Analysing code for quality and vulnerabilities.
-
Applying branch policies and security controls to restrict access to code repos.
-
Implementing vulnerability scanning within CI and CD pipelines.
-
Keeping systems updated with the latest security patches.
-
Ensuring encryption of data in transit and at rest.
More detailed guidance, refer to the relevant documents below.
Further reading and information
SOP-OSD-004 Web Applications
SOP-OSD-005 Encryption in Transit
SOP-OSD-006 Application Programming Interfaces
Practical tips
Security standards are not published to our document management system, iPassport. Contact the Cyber Security team to obtain the latest versions.