To review, here are the important points to consider when you're designing for privacy and security:
-
Understand the information in your directory, how it needs to be protected, and from whom it needs to be protected.
-
Think about who might want to compromise the security of your directory and their motives for doing so.
-
Understand the ways in which the security of your directory can be compromised.
-
Familiarize yourself with the various tools and techniques you can use to secure your directory.
-
Understand the sensitivity of the data stored in your directory.
-
If replication or synchronization is used, understand the places to which directory content is being replicated or synchronized.
-
Understand the network environment and the capabilities it might offer a hostile person.
-
Consider the physical security of the directory servers and backups of the directory data.
-
Be aware of any company policies and legal requirements that may apply to you.
-
When designing your directory, strike a balance between security requirements and usability.