Navigating the Maze of Authentication Options for Solo Devs and Small Teams (header)

Navigating the Maze of Authentication Options: A Solo Developer’s Guide

Andy Link Articles, Programming, Security Leave a Comment

In web development, choosing the right authentication strategy is a pivotal decision, especially for solo developers or small teams working with limited resources. After extensive research, I’ve adopted a hybrid approach that combines the security and ease of 3rd party services like Google and Microsoft with the control of an in-house solution.

This hybrid approach addresses my core concerns: cost, control, and user convenience while keeping the in-house method at the forefront. As we explore this topic, Iโ€™ll share the considerations and insights that shaped my strategy, aiming to guide you toward the authentication system that best fits your projectโ€™s unique demands.

What are the Common Software Security Issues & How Do I Prevent Them?

Zach Gardner Keyhole, Security, Videos 1 Comment

Attention: This article was published over 2 years ago, and the information provided may be aged or outdated. While some topics are evergreen, technology moves fast, so please keep that in mind as you read the post.In the world of software development, addressing the common software security issues and how you can prevent them is crucial. At Keyhole, we understand …

What are the Common Security Issues in Cloud Computing for Businesses?

Zach Gardner All Industries, Cloud, Keyhole, Security, Videos Leave a Comment

Attention: This article was published over 2 years ago, and the information provided may be aged or outdated. While some topics are evergreen, technology moves fast, so please keep that in mind as you read the post.As an expert-driven software development and consulting firm, we prioritize knowledge sharing, client-focused delivery, and a commitment to modern technology solutions. In this spirit, …

FHIR APIs

Part 1: Creating an FHIR API – Google or Azure?

Zach Gardner API Development, Articles, Cloud, Creating an FHIR API, Healthcare, Security, Tutorial Leave a Comment

Data interoperability is one of the hardest problems in Healthcare IT. The most popular approach is to exchange HL7v2 messages between systems. These pipe-delimited messages are difficult to read by a human and often need additional customizations between implementations.

The next major paradigm shift is towards FHIR (Fast Healthcare Interoperability Resources), a JSON-based standard that is evolving ahead of the needs of the industry. Cloud vendors like Microsoft, Amazon, and Google are trying to lay their claim to be the one-stop shop for healthcare on the cloud.

This blog is part of a 4 part series diving into an actual use case I recently encountered while working with a client. I had to stand up an FHIR repository/API for 2+ million patients that could be used by hundreds of users every day, as well as countless background processes.

Application Security Whitepaper

White Paper: Security Best Practices in Application Development

Keyhole Software Articles, Consulting, Keyhole Creations, Security Leave a Comment

This white paper provides key takeaways for application stewards and software leaders to improve application security, with examples of common application security liabilities and suggestions for remediation. Topics include:

An in-depth look into Security Culture and the importance of the people element in adopting a security-first outlook.
An explanation of common application practices we frequently see in the wild that can be inherently risky, with suggestions for best practices.
A security checklist to determine critical areas of higher risk to prioritize in your journey to a more secure application.
Anย explanation of the security Surface Area and how to minimize it starting from your source code.
Strategies to protect Authentication and Authorization and a comparison between Third-Party solutions and rolling your own auth.
A deep dive into built-in Application Security and an exploration of strategies that might help your business, including Network-Level Security, WAF, Payload Encryption, SSL, Cloud Configuration, and SIEM…