Best Practices

For running a confidential application in production mode, we recommend the following best practices:

  • (BP1) Run your production application under the control of a SCONE security policy (aka session; see policy language).
  • (BP2) Be strict regarding which security vulnerabilities you tolerate in your security policy (attestation section). NEVER tolerate debug-mode.
  • (BP3) Enforce governance for accessing your SCONE security policy, i.e., prevent a single person from being able to change policies.
  • (BP4) Disable debug mode in your application, i.e., build your application for production.
  • (BP5) Close all unnecessary ports and sockets in your application. Additionally, close all unnecessary ports and sockets via the SCONE network shield.
  • (BP6) Protect all open ports of an application with mTLS using either the SCONE network shield or via program configuration.
  • (BP7) Inject all configuration files via injection files in your security policy.
  • (BP8) Protect all files using either binaryFS or encrypted volumes unless your application supports file encryption out of the box (e.g., MariaDB).
  • (BP9) Provide all arguments and environment variables via the security policy.
  • (BP10) Generate security policies with security policies; avoid policies that define secrets by providing their values.
  • (BP11) Disable all unnecessary signals in your program.
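
BP2 and BP10 can be checked mechanically before a policy is uploaded. The following is an added example, not SCONE's own tooling: a small linter over an already-parsed policy. The field names (`security.attestation.tolerate`, `secrets[].value`) and both sample policies are assumptions constructed for illustration; check them against the policy language reference.

```python
# Added example: lint a parsed security policy for BP2 and BP10.
# ASSUMPTION: the key names below model the policy layout and are not
# taken from this page; adapt them to the policy language reference.

def lint_policy(policy):
    """Return a list of (rule, message) findings for one policy dict."""
    findings = []
    attestation = (policy.get("security") or {}).get("attestation") or {}
    tolerated = attestation.get("tolerate") or []
    if isinstance(tolerated, str):          # accept a single string too
        tolerated = [tolerated]
    for item in tolerated:
        if item.strip().lower() == "debug-mode":
            # BP2: debug-mode must never be tolerated in production.
            findings.append(("BP2", "attestation tolerates debug-mode"))
        else:
            # Anything else tolerated needs an explicit human decision.
            findings.append(("BP2-review", "tolerated: " + item))
    for secret in policy.get("secrets") or []:
        if "value" in secret:
            # BP10: the secret's value is written into the policy itself.
            name = secret.get("name", "?")
            findings.append(("BP10", "secret '%s' has a literal value" % name))
    return findings

# Constructed sample policies (not real deployments).
WEAK_POLICY = {
    "name": "demo-session",
    "security": {"attestation": {"tolerate": ["debug-mode", "outdated-tcb"]}},
    "secrets": [
        {"name": "db_password", "kind": "ascii", "value": "constructed-example"},
        {"name": "api_key", "kind": "ascii", "size": 32},
    ],
}
STRICT_POLICY = {
    "name": "demo-session",
    "security": {"attestation": {"tolerate": []}},
    "secrets": [{"name": "api_key", "kind": "ascii", "size": 32}],
}

if __name__ == "__main__":
    for rule, message in lint_policy(WEAK_POLICY):
        print(rule, message)
```

Running such a check in the review step that gates policy changes (BP3) keeps a tolerated debug-mode or a hard-coded secret from reaching production unnoticed.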