DrupalCon Seattle 2019: Data Security in Drupal 8

Apr 12, 2019

Your website’s data is at risk, but knowing how to protect it can mean the difference between another day in the office and a data breach. By building in encryption from the beginning stages of your site, you will avoid headaches from having to bolt it on after the fact and have more tools at your disposal to keep your users secure.

This session will cover what’s new with security in Drupal, best practices for handling private data (email addresses are they really private), and case studies of real-world examples on how to apply these to your next site.

Drupal 8 Security Improvements and what they mean to you

How Drupal 8 stores data - from form to database
Modules you can use to enhance the security of your site
Encrypt Module
Real AES Module
Contrib modules around encryption
Key Module
Benefits of centralized key management
Limit breaches as a result of poor API or key management
How to leverage and extend the Key for your contrib module
Best practices around creating and storing data

Identifying personally identifiable information (PII) and when to use enhanced security to protect it
E-Commerce best practices
How to properly collect and sanitize user input 
Case Studies in Data Security

The session audience will leave with a greater understanding of Drupal security, best practices in keeping their data safe, and what tools they can use in the process.

Hi! I'm Karim Boudjema, the developer and site-builder of this site. I'm currently working as a freelance Drupal developer.

I was wondering how could I giving back to the Drupal community all what it gave to me during the last 10 years, that's how the idea of this site came to me ... (read more)

Hi! I’m Santiago Rico, the web designer and themer of this site.

When Karim proposed me to design and theme this site for the Drupal community, I accepted immediately because the community is the main reason why I love Drupal so much.