A Thing
The Green SheetGreen Sheet

The Green Sheet Online Edition

October 09, 2023 • Issue 23:10:01

Reader's Speak

In July of this year, three prominent gaming sites—Roblox, Neopets and Bandai Namco—were hit by data breaches. Oliver Green, creator of autoclicker.io, shared tips on how to protect developers from cyberattacks and ensure optimal cybersecurity. The tips will be familiar to Green Sheet readers but bear repetition.

"Protecting online developers from cyberattacks is essential for game companies to protect their intellectual property, data, and the integrity of their games," Green stated. "Data breaches in gaming can have significant impact on both users and developers. Games companies are a niche demographic and they're known for spending a lot of money. Therefore, a gaming company's financial status makes it a tempting target for cybercriminals."

He cited the following measures companies can take to provide optimum security:

  • Security training: This helps keep developers and staff members up to date. It's important to ensure they are aware of common cyber threats, phishing scams and the best practices for data handling and secure coding.
  • Access control: Implementing a strong access control system helps limit access to sensitive information and critical systems to authorized personnel only.
  • MFA: Enforcing multi-factor authentication (MFA) for all accounts, including developer accounts, adds an extra layer of protection against unauthorized access.
  • Data encryption: Ensuring sensitive data is encrypted, both in transit and at rest, ensures that data remains unreadable without the appropriate decryption keys.
  • Secure APIs: Application programming interfaces (APIs) help ensure developers are adequately secured and have proper authentication mechanisms.

Green mentioned three potential methods of authentication: 1. HTTP basic authentication where a user needs to provide user ID and password; 2. API key where a user needs a unique identifier configured for each API and known to API Gateway; and 3. A token generated by an Identity Provider (IdP) using the OAuth 2 protocol, which he recommended.

Ongoing security

What measures have you taken to ensure your company's data security? In payments overall, what areas are strongest when it comes to security. What areas are most vulnerable, and what can we do to shore them up? Tell us at greensheet@greensheet.com. end of article

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

Prev Next
A Thing