Tag Archives: security

Easy data encryption in Azure

For those of you who use Azure today, the security discussion must have been a thing on some occasion. Explaining to managers (and possibly colleagues) that Azure is a lot more secure than a(n) (on-premise) data center, and that Azure is easier to maintain and scalable. Trust me, we’ve all been there!

But besides the physical security, there’s also the digital security. In the world of today it’s easier to find a data-breach on the news, then it is to find an item about a bank robbery. So how can you secure your data in Azure in an easy but solid way, without the hassle of changing your applications?

Encryption could be one of your tools to achieve a secure infrastructure and/or applications. But encryption is a challenge for pretty much everyone. Almost every day we hear about companies not doing it right, or not doing it at all. But luckily, Azure helps us with setting this up with just the click of a button.

Okay, okay, you got me. Maybe a few button clicks…
Continue reading Easy data encryption in Azure

Application Authentication via https using NTLM

We at Roadmap take security very seriously. Everything we do and everything we touch or make, we think about security as it is part of how we work. In fact: it is in our DNA.

Recently we have been working on a way to generate monthly reports for our customers in a sweet automatic way. To be able to download these reports the report server need to verify the given NTLM authentication credentials which are provided by the application. This was a bit of a challenge as it did not work in the way we would assume.

When you want to download a file, the .NET Framework provides you and easy and simple code snippet, which works straight away:


        public void DownloadAwesomeness()
        {
            var url = new Uri("https://DomainNameHere");
            var location = @"C:\Temp\Destination.txt";
            
            using (var client = new WebClient())
            {
                client.DownloadFile(url, location);

                Console.WriteLine("We are done!");
                Console.Read();
            }
        }

This works perfectly. How hard can it be to add some extra credentials to the WebClient? As the WebClient has a Credentials property, we will set these.


        public void DownloadAwesomeness()
        {
            var url = new Uri("https://DomainNameHere");
            var location = @"C:\Temp\Destination.txt";

            using (var client = new WebClient())
            {
                client.Credentials = new NetworkCredential("username", "password", "domain");
                client.DownloadFile(url, location);

                Console.WriteLine("We are done!");
                Console.Read();
            }
        }

When you will run this you will notice that the client.DownloadFile(url, location); will throw an ‘403 – Access Denied’. Before you start changing any usernames and/or password because you are doubting yourself if you did something wrong, let me help you out here: You didn’t do anything wrong. More interesting is; what is actually going on? What is happening with the credentials? Continue reading Application Authentication via https using NTLM