Security & Compliance | NexSight Enterprise Security

Security & Compliance

Enterprise-grade security hardening, compliance readiness, and production security best practices.

Security Hardening Checklist

Production-ready guidance for removing high-risk patterns and aligning with enterprise security expectations

Critical Security Issues & Fixes

High Risk Issues (Must Fix Before Production)

1. SSL Certificate Validation Bypass
❌ High Risk - Enables MITM attacks
CRITICAL
Current Anti-Pattern
ServicePointManager.ServerCertificateValidationCallback =
(sender, certificate, chain, sslPolicyErrors) => true;
✅ Recommended Fix
// Remove the bypass entirely
// For testing only (non-production):
#if DEBUG
  // Accept a certificate only when the platform reports no policy errors
  ServicePointManager.ServerCertificateValidationCallback =
  (sender, certificate, chain, sslPolicyErrors) =>
    sslPolicyErrors == SslPolicyErrors.None;
#endif
Why it matters: the anti-pattern accepts every certificate, which completely disables TLS certificate validation and is unacceptable for production environments.
2. Weak / Legacy TLS Protocol Enablement
❌ Medium Risk - Deprecated protocols
HIGH
Current Pattern
ServicePointManager.SecurityProtocol =
SecurityProtocolType.Tls |
SecurityProtocolType.Tls11 |
SecurityProtocolType.Tls12;
✅ Recommended Fix
ServicePointManager.SecurityProtocol =
SecurityProtocolType.Tls12;

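// Setting Tls12 explicitly pins connections to TLS 1.2.
// To let the OS negotiate TLS 1.3 when available, leave
// SecurityProtocol at SecurityProtocolType.SystemDefault
// (.NET Framework 4.7+).
Why it matters: the current pattern enables the deprecated TLS 1.0 and 1.1 protocols, which have known vulnerabilities.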

Secure Email Transport (SMTP)

Enforce TLS and Authentication
var smtp = new SmtpClient(
  settings.SmtpServer,
  settings.SmtpPort)
{
  EnableSsl = true,
  Credentials = new NetworkCredential(
    settings.Username,
    settings.Password
  ),
  Timeout = settings.EmailTimeout
};
  • Always enable SSL/TLS
  • Use strong SMTP authentication
  • Validate server certificates
Prefer SendMailAsync
Current Anti-Pattern
await Task.Run(() => smtp.Send(message));
✅ Recommended Pattern
await smtp.SendMailAsync(message);
Benefits: True async I/O, better thread utilization, cleaner exception handling

Credential Storage & Encryption

Secure handling of sensitive credentials and configuration data

Current State & Risks

Plaintext Credentials
SMTP credentials stored in app settings (plaintext or lightly obfuscated)
File-Based Storage
Configuration files accessible to users with file system access

Recommended Solutions

Option A: Windows Credential Manager (Preferred)

Store SMTP credentials securely per user or machine using Windows built-in security.

  • OS-level secret management
  • Per-user or machine-wide credentials
  • Access via System.Security or PowerShell

Option B: Encrypted Configuration (DPAPI)

Use Windows Data Protection API for encrypting credentials at rest.

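using System.Security.Cryptography;
using System.Text;

// CurrentUser scope: only the same Windows user account can decrypt
byte[] encrypted = ProtectedData.Protect(
  Encoding.UTF8.GetBytes(password),
  null, // optional entropy
  DataProtectionScope.CurrentUser
);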

Security Best Practices

Alert & Report Email Abuse Prevention

Alert Throttling (Implemented)
_lastAlertTime with cooldown prevents email flooding
Recommended Enhancements
• Daily alert cap per device
• Summary emails instead of individual alerts
• Severity-based routing (Critical vs Warning recipients)

PDF & File Handling Security

Risks: Temporary PDF files written to disk with potential access leakage
  • Use OS temp folder with randomized filenames
  • Immediate deletion after email send: File.Delete(pdfPath);
  • Optional: In-memory streams for sensitive environments
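Added example (not NexSight's own code): the temp-file guidance above in C#, showing the in-memory option next to a temp-file variant that deletes the PDF even when rendering or sending fails. The class name, the method names and the renderPdf callback are hypothetical.

```csharp
using System;
using System.IO;
using System.Net.Mail;
using System.Net.Mime;
using System.Threading.Tasks;

// Hypothetical helper; names are illustrative, not from the NexSight code base.
public static class ReportMailer
{
    // Preferred for sensitive environments: the PDF bytes never touch disk.
    public static async Task SendInMemoryAsync(
        SmtpClient smtp, MailMessage message, byte[] pdfBytes)
    {
        using (var stream = new MemoryStream(pdfBytes, writable: false))
        using (var attachment = new Attachment(stream, "report.pdf", MediaTypeNames.Application.Pdf))
        {
            message.Attachments.Add(attachment);
            await smtp.SendMailAsync(message);
        }
    }

    // Temp-file variant: renderPdf (assumed callback) writes the PDF to the stream.
    public static async Task SendViaTempFileAsync(
        SmtpClient smtp, MailMessage message, Action<Stream> renderPdf)
    {
        // Randomized name inside the OS temp folder.
        string pdfPath = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName() + ".pdf");
        try
        {
            // CreateNew throws if the path already exists, so a pre-planted file
            // is never reused; FileShare.None blocks other handles while writing.
            using (var file = new FileStream(
                pdfPath, FileMode.CreateNew, FileAccess.Write, FileShare.None))
            {
                renderPdf(file);
            }
            // Dispose the attachment before deleting: it holds the file open.
            using (var attachment = new Attachment(pdfPath, MediaTypeNames.Application.Pdf))
            {
                message.Attachments.Add(attachment);
                await smtp.SendMailAsync(message);
            }
        }
        finally
        {
            File.Delete(pdfPath); // runs on success and on failure
        }
    }
}
```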

Database & Data Protection

Risks: Device inventory and monitoring data stored unencrypted
  • Encrypt database at rest (if SQLite)
  • Restrict file system permissions
  • For server DB: Enforce TLS connections, use least-privilege accounts

Production Security Checklist

Comprehensive checklist for production deployment security validation

Security Baseline Checklist

  • TLS 1.2+ Only: Disable legacy TLS protocols
  • Certificate Validation Enforced: Remove SSL bypass code
  • SMTP Credentials Encrypted: Use DPAPI or Credential Manager
  • Secure Temp File Handling: Randomized names, immediate deletion
  • Alert Throttling: Prevents notification flooding
  • Sensitive Data Removed from Logs: No passwords in logs
  • Network Ethics Configuration: Avoid IDS triggers