- Assign users/clients only those privileges that are strictly necessary for them to perform their duties, and block access to everything else (the principle of least privilege).
- Ensure that the workflow's privileges are correctly checked and enforced at every step.
- Deny all access by default and then allow users to perform tasks/access information after an explicit verification of authorization.
- Users, roles, and authorizations should be stored in a flexible medium, such as a database or a configuration file, so that they can be added, deleted, or updated. Do not hardcode them.
- Again, security through obscurity is not a good posture to take.
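The three practices above (deny by default, check authorization at every workflow step, keep roles and permissions in configuration rather than in code) combined in one small authorization module. This is an added example, not code from the original page; the policy, user names and invoice workflow are constructed sample data.

```python
# Added example (not from the original page): deny-by-default authorization
# with roles/permissions loaded from configuration and re-checked per step.
import json

# Constructed sample policy. In practice this is read from a config file or
# database so entries can be added, removed or updated without a code change.
POLICY_JSON = """{
  "roles": {"clerk":    ["invoice:create", "invoice:read"],
            "approver": ["invoice:read", "invoice:approve"],
            "auditor":  ["invoice:read"]},
  "users": {"alice": ["clerk"], "bob": ["approver"], "carol": ["auditor"]}
}"""


class Authorizer:
    def __init__(self, policy_text):
        policy = json.loads(policy_text)
        self.roles = {r: frozenset(p) for r, p in policy["roles"].items()}
        self.users = {u: tuple(r) for u, r in policy["users"].items()}

    def is_authorized(self, user, permission):
        """True only if a role assigned to the user explicitly grants it."""
        for role in self.users.get(user, ()):
            if permission in self.roles.get(role, frozenset()):
                return True
        return False  # unknown user, unknown role, or no grant: deny


# Each workflow step declares the permission it needs; the check runs at
# every step, not once at entry, so a later step cannot be reached on the
# strength of an earlier one.
INVOICE_WORKFLOW = [("create", "invoice:create"),
                    ("review", "invoice:read"),
                    ("approve", "invoice:approve")]


def run_workflow(authz, user, steps=INVOICE_WORKFLOW):
    """Return (completed_steps, denied_step); stops at the first denial."""
    done = []
    for step, permission in steps:
        if not authz.is_authorized(user, permission):
            return done, step
        done.append(step)
    return done, None


if __name__ == "__main__":
    authz = Authorizer(POLICY_JSON)
    for user in ("alice", "bob", "mallory"):
        print(user, run_workflow(authz, user))
```

Note that an unknown user ("mallory") and a user whose roles lack a grant are denied by the same code path: there is no allow branch to fall into by accident.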