31 Jul 2019

Apps, Security

Designing Secure Apps: How to do it Right

Google Rating

4.9

Based on 144 reviews

Montreal Graphic Design

4.9

Nikolaos Rothos

19:37 22 Sep 20

Everything we asked for was done perfectly. The final result is just perfect. Thank you for everything.

Romario Pierre

03:43 01 Sep 20

Great service, always on point with the reply.

Ariana Badia

21:24 27 Aug 20

Patrick was amazing to work with! He is a talented and creative graphic designer. He was also very accommodating to all my requests! He created a logo and label design for my small business, and I am extremely happy with the way they turned out! He completed the work in a timely manner and created a great design! Would recommend to anyone looking a for a talented and creative graphic designer!

Shane Brady

21:13 13 Aug 20

I have used a graphic artist for 15 years for the various real estate projects I have developed. I was told recently to meet with Pat. His level of service, expertise, professionalism and creativity was enormously impressive and compelling. I am giving Pat all my business now and I am referring my business contacts to meet with him. Shane P. BradyPresident Resort Capital GroupMontreal

Akarshan Singh

17:39 12 Aug 20

Working with Patrick was quick and easy. We love the logo he created for us in multiple formats. I look forward to working with him again soon!

Dany Dorrito

21:25 07 Jul 20

Working with Patrick was as smooth as can be. He was able to work extremely efficiently and produced some great results. He upgraded our website from amateur level to a professional company. He went above and beyond to make sure we were happy with the final results. I would highly recommend using Patrick for your business if you're looking for a quick turn around and great results. Would definitely work with Patrick again in the future.

Steve Ndikumana

20:34 03 Jul 20

We just did 2 back to back projects with Patrick and we couldn't be more satisfied with the results. Patrick gives his all to the projects that he starts and goes above and beyond to make sure that he delivers something that will exceed his client's expectations!! Highly Recommended!!

Tyson Cic

00:58 03 Jul 20

Working with Patrick has been great. Very resourceful quick, creative, always easy to get a hold of if you have question, and most importantly to me, he makes you feel comfortable. Will definitely continue to work with him on future projects, and absolutely recommend him to any body in need of a Graphic Designer.

Romina Perri

14:08 30 Jun 20

Very quick turn around time and great quality. Much appreciated!

Andre Giroux

23:53 16 Jun 20

I must say i have had to use many different companies over the years, and now i no longer will have that problem. Working with Patrick makes everything easy and efficient. You dont need to use multiple companies or talk to multiple people. He is prompt, courteous, resourceful and a pleasure to work with. I couldnt recommend anyone better at what they do then him. Thank you for everything Patrick and i look forward to working with you more in the future.

John Roordink

16:21 13 Jun 20

I true pleasure working with Montreal Graphic Design. Multiple projects done by now and we'll keep going. 5 stars well deserved. Thank you for your work. Much appreciated!

Ilia Ejov

15:00 09 Jun 20

Dan Quirouette

20:32 29 May 20

Great company to work with, very customer focused and certainly dedicated to make sure customers receive precisely what they are looking for. We will continue to work with this group on all future projects.

lorenzo bernabe

06:01 27 May 20

I’ve been working with Patrick regularly for the past few months in terms of designing and putting our website as well as other marketing assets. Patrick has been flexible and adaptable in terms of our needs which is super important for me as a small business owner. He also know how to create some great work at a reasonable rate. A great guy and professional to work with!

ForgeDistribution

15:12 25 May 20

We have had an incredible experience with Montreal Graphic Design. Patrick is very talented and responsive. Your request(s) is attended to immediately. We continue to work with Patrick today, and will continue in the future with all our design needs!

Rob M

02:59 23 Apr 20

Speedy creative affordable solutions. Patrick quickly understood my vision and provided me with a few options for my logo and design elements for my business. I am very happy with the finished product and will continue to work with him on future design projects. Can't thank him enough.

Veronique Dorval

01:24 15 Feb 20

I had a wonderful and creative experience working with Montreal Graphic design. Patrick was very attentive to my vision and came up with amazing ideas for my logo, which were fine tuned to perfection. Very professional and efficient. Looking forward to future collaborations!

Parissa Sarandi

00:25 11 Feb 20

Moon Nk

20:54 29 Jan 20

Patrick is such a pleasure to work with. Patient and effective. Helps bring your visions to life!

Matthew Crossman

03:48 25 Jan 20

Fantastic work! Pat was very easy to work with and understood exactly what I was looking to achieve. Will definitely be using him for future business projects.

Mike L Jabbour

03:21 15 Jan 20

Great Job! Great price! Quick and easy to deal with.Thanks Patrick for your efforts

Maxime Casabon

18:11 10 Jan 20

Midas TheRuler

17:24 07 Jan 20

They are Very Professional and Efficient.

aliona ciumac

15:39 30 Dec 19

Patrick and the Team at Montreal Graphic Design were absolutely incredible in their service. Attentive, professional, and true pros in their work. The final product exceeded our expectations! We are looking forward to working with them on future projects, and without a doubt they’ll be our go-to each and every time.Eat The Fruit Inc. Team.

Rhonda van Veggel

17:01 17 Dec 19

Highly professional service, very responsive and advisory during the design process. Will use again in the future and also will recommend others to use this service.

orakwase mcgregor

23:33 11 Dec 19

Ryan Hayes

15:13 11 Dec 19

Fast and efficient.

Mike Piazza

20:54 09 Dec 19

Patrick was really helpful. As a person starting my own company and looking to create a logo, he worked with me, listened to my ideas, and was able to deliver something tailored to my needs. Great job!

Alexandre Medina

17:02 04 Dec 19

Would give it 6 stars ! Quick to respond, amazing logo design and very professionnal.

Autos H&M

21:08 02 Dec 19

They did our logo and they were very professional and easy going.! I Recommend them for any business logo!

James Chiha

17:51 22 Nov 19

Patrick is very attentive and responsive. His Illustrator is fantastic as well! Coming in with, what I find to be a more eccentric project, Patrick and his team helped develop our ideas, and brought them to life. Everything from the design to the colours look great, and there is already talk of working with Montreal Graphic Design in the future. Big thank you from The Fats!

Leo Da Estrela

21:18 21 Nov 19

Montreal Graphic Design were great to work with, super responsive and delivered great work. Will definitely work with again!

salman alawamleh

21:50 15 Nov 19

Great job and amazing service. I am Looking forward to do more business with you.Best regards

Emmanuel Laforest

19:24 01 Nov 19

I never dealt with someone who's so talented and professional. I highly recommend him! Super satisfied with my company logo!

Romada Inc

17:31 01 Nov 19

To start, Montreal Graphic Design was very professional. The interaction with them was fluid. The response were on the spot, it;s like we were the main priority of the business. It was a pleasure doing business with them and I am sure this is not the last one! Until next time... Thank you !

Jason Cheevers

14:49 25 Oct 19

Very happy with the service. Will definitely recommend.

Murray Stark

18:35 16 Oct 19

Thoughtful, efficient and timely

Emanuelle Estephan

18:25 17 Sep 19

Great service, very understanding to our highly demanding and changing requests. Will definitely be contacting them for future work. Thank you!

Omar Bizri

04:01 16 Sep 19

Amazing service and quality of work. Tried several companies and non knew exactly what I was looking for. Patrick CEO of the company and his executed a Phenomenal job on our project. Five starts under rated..

Geneviève Guindon

13:28 11 Sep 19

Patrick a fait un très beau packaging pour mon produit et il répond promptement aux demandes. Merci!

mike ACSO

01:01 31 Aug 19

C'est fut vraiment un plaisir de travailler avec Patrick. Il a répondu à ma demande en moins de 30 minutes! J'avais une idée en tête pour le logo de ma compagnie et Patrick l'a définitivement poussé à au autre niveau. Le résultat est partfait! Ce fut rapide, facile, courtois, professionnel et bien fait. Il est maintenant ma personne de confiance pour tous besoins futurs de graphisme! Merci Patrick!

Sanae Chafi

14:33 18 Jul 19

Working with Patrick was a total breeze! He created our company logo, and he listened to our ideas/vision and delivered exactly what we wanted! Highly recommend Montreal Graphic Design for any logo required project.

Homero Herrera

21:26 25 Jun 19

Patrick is a very talented designer who takes his projects to heart. He has been very helpful and patient helping me choose my personal logo. His amazing taste and great advice make him a very unique artist. If you are looking for the right design, there is only one stop: Montreal Graphic Design.

mr kaneb

19:48 25 Jun 19

Patrick did great work for my company. Effective, reasonable and easy to work with.

Kenicherie

15:34 20 Jun 19

Patrick is really patient, kind and understanding. He helped me design my logo and was really receptive to my feedback and criticism. I recommend him for people who want to design a quality logo but don’t know where to start! Thanks Patrick.

Akili Roberts

16:48 10 Jun 19

Easy to work with, communicative, and produces a quality final product.

Julie Blais

18:25 06 Jun 19

I love my logo! Patrick did excellent work for a great price. He was very patient and responsive to all my questions, and delivered everything I could have hoped for. I can honestly say that he went above and beyond, and the finished product is fantastic! I am one happy customer.

James O'Farrell

12:08 21 May 19

Patrick responded quickly and efficiently to our request. He took no time in understanding our need and delivering a quality ad. Looking forward to bigger projects with him.

Chris Knight

15:31 17 May 19

Great work, everything met!

Danik Roy

23:03 16 Apr 19

Patrick was really helpful. My collegue and I were looking for professional advices and feedbacks on a logo we had. Patrick was able to work with us and accomplish the designs we were looking for. He always responded quickly and was really patient while listening to our multiple demands. If you are looking for someone to work with and someone who will listen to your needs, Patrick is your guy!

See all reviewsWrite a review

Designing Secure Apps: How to do it Right

July 31, 2019

Application security has always been an integral component of app design. Up until recently, developers were only focused on securing apps against external malefactors. For example, employees using an app were not considered a major security threat.

But with so many cloud-based apps in use today, employees, clients and partners are accessing them both from work and from home. This comes with a myriad of security risks and a potential branding disaster. And we cannot rely on users to implement proper security measures on their own.

Therefore, application security has to begin in the early stages of the app design process. Security experts, web designers and developers have to think about all the possible ways in which the security of an app could be jeopardized. Let’s take a look at some of the best practices for designing secure apps.

Consult OWASP Top Ten

The OWASP Top Ten includes the most important web app security vulnerabilities. These threats were identified by some of the top security experts on an international level. The vulnerabilities have to do with integrity, confidentiality, and availability of a web application, its users as well as developers making it. Examples of vulnerabilities include security misconfiguration, sensitive data exposure, authentication and session management, injection attacks, etc.

Being aware of such risks and developing the application securely gives us a much better chance of avoiding security breaches. The OWASP Top Ten therefore helps developers stay in the loop of the latest security threats. However, even with the continuous education and efforts to raise security awareness, many companies still suffer a breach. The importance of being aware of risk cannot be stressed enough.

Run a Security Audit

Considering OWASP Top Ten, having a security mindset and performing continuous self-testing may help you avoid encountering any of the breaches from the list. But even if your developers are heavily focused on security, they still have preconceived filters and biases. This means that developers working on the code every day have a subjective analysis of it. Because they live and breathe the code they are working on everyday, they are unable to critique it objectively. This is why it is important to get another set of eyes on the code. This person must not be biased toward anyone or anything within the organization.

If you want to establish application security, it would be wise to comply with an information security standard such as ISO 27001. You can even get ISO 27001 documentation online and learn how to run an internal audit with the help of free online courses. It is highly advisable to run a security audit of your application to get an idea of how to secure it properly. Always take a security-first approach and you will be able to design secure apps much more efficiently.

Implement Proper Application Logging

After a proper security audit, you have refactored your code and you have established a security baseline for your app. Now, we should take a look at the bigger picture. Let’s look at one of the external security factors, specifically logging. When a bug appears (and it usually does), it is important to solve the problem as quickly as possible. This means reacting before it is too late and for this you have to implement proper logging beforehand. This will allow you to get information on what happened, actions that led to the issue and anything else that was happening at the time.

You have to ensure your application is properly instrumented. There are numerous services and tools out these to help you, depending on the software languages you used to write the app. Also, you will need to store data in a way it can be easily and efficiently parsed when needed. You can use the Linux syslog or an open source solution such as the ELK stack, or a SaaS service, e.g. Loggly, Splunk or PaperTrail. The most important thing here is to ensure the data is being stored and it can be quickly and efficiently parsed when need be.

Use Continuous Security Monitoring and Protection

For any kind of application security, you will need to use traditional firewalls and web application firewalls (WAFs). But firewalls do not offer foolproof protection and can sometimes fail. They can generate large numbers of positives and negatives and their maintenance gets too expensive. But WAFs do give you a certain level of security protection for your app.

If you are looking to use a firewall, it’s best to use them together with a Runtime Application Self-protection (RASP) tool. You can also make use of Application Security Management platforms that provide RASP, as well as WAF modules suited for your specific needs. These tools can provide you with continuous security monitoring and protection. This enables you to protect your app from both external and internal threats.

Use Encryption

After you have instrumented a firewalled your app, now it’s time for encryption. And this does not end with just HTTPS and HSTS. Instead, you should actually encrypt everything. There are services such as Let’s Encrypt that can make HTTPS extremely accessible. What is more, Google is even rewarding companies that use HTTPS correctly. Unfortunately, only using HTTPS will not be enough.

While HTTPS can efficiently stop a Man in the Middle attack, we should start looking at the greater picture. This is why it’s important to encrypt data at rest, besides just data in transit. For example, if someone gets access to your servers and clones or destroys the drives, your security efforts will go to waste.

Keep Your Servers Updated

You might have hardened your OS, but have you updated it? Even if it is hardened against the latest version, your packages might contain vulnerabilities. You should set your servers to update automatically as new versions appear. You don’t need to update all the packages, but the ones that relate to the security of your app.

You can automate these processes or do it manually. It will usually depend on you organisation’s perspective on the matter. For automatic updates, you can use UnattendedUpgrades (Debian-related distributions), yum-cron (“update_cmd = minimal-security-severity:Important”) or the Automatic Updates feature in Windows. To use any of these, refer to the documentation for your OS or distribution.

Keep Your Software Updated

Keeping your OS updated is important, but you will need to update your app framework and third party libraries too. Frameworks can save you huge amounts of time and effort, despite people being reluctant to use them.

These third-party software libraries have vulnerabilities just like any other operating system. But they can be patched rapidly and improved if properly supported. Therefore, you have to ensure using the latest version. PHP, Python, Ruby and Go all have package managers. These help with maintaining external dependencies and are automated during deployment. Using them is advisable but make sure you are using the latest version.

Start Designing Secure Apps Today

Today, countless apps are being developed on a daily basis. They help us with everything – from managing our time and finances, to providing us with entertainment. But if the app we love using so much lacks security, we might lose much more than what we paid for. Our corporate and personal data is at stake.

Therefore, application security should be a top concern for designers and developers. Consulting OWASP Top Ten, running security audits, implementing proper logging, continuous security monitoring, encryption, and staying up-to-date with software and servers are some of the crucial things to look at when designing an app. These will help you stay safe from malicious actors.

Guest Poster – Nebojsa Ciric

Neb is a writer and partnerships manager with Advisera – one of the market leaders in helping businesses implement ISO, ITIL, IATF, AS and OHSAS standards. Neb has several years of experience in creating content for the web. Currently, he is on a mission of sharing knowledge on the topics of cyber security, quality management, compliance, etc. Advisera also offers an abundance of free learning courses and materials. If you are interested in learning more about corporate compliance and governance, feel free to visit their blog.

MTL Graphic Design

MTL Graphic Design