Secure external database access question 

Secure external database access question 

  
Hi All,

We have a SQL database that contains sensitive information. We would like to restrict the database access to certain OutSystems applications.

  1. What is the best practice for secure database access to the external database access in OutSystems?
     
  2. Is there a configuration setting in the integration studio that would allow you to restrict the access to the generated database extension?
     
 
Thank you for your help,
David Lo

Hello David,

I'm assuming you have an infrastructure where LifeTime exists, and that you have more than just production...

In development I would say that you should have a database without the sensitive information, if possible. If not, and applicable to every environment, the way to achieve that is by having that extension in an application that only a certain team as access to. 

You can create a team that that can reference that app, and have all others with 'No access'