diff --git a/backend/Dockerfile b/backend/Dockerfile
index f5dd68f92..e08cfd221 100644
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -30,6 +30,9 @@ RUN pip install --upgrade pip && \
 RUN poetry install
 RUN rm -rf $POETRY_CACHE_DIR
+RUN addgroup -g 1001 -S backend && adduser -u 1001 -S -G backend backend
+RUN chown -R backend:backend /code/db
+USER backend
 ENTRYPOINT ["poetry", "run", "bash", "startup.sh"]
 EXPOSE 8000
diff --git a/backend/ciso_assistant/settings.py b/backend/ciso_assistant/settings.py
index c875af2be..d41c50bbf 100644
--- a/backend/ciso_assistant/settings.py
+++ b/backend/ciso_assistant/settings.py
@@ -375,15 +375,15 @@ def set_ciso_assistant_url(_, __, event_dict):
 # OTHER SETTINGS
 }
-HUEY = {
- "huey_class": "huey.SqliteHuey", # Huey implementation to use.
- "name": "huey-ciso-assistant", # Use db name for huey.
- "results": True, # Store return values of tasks.
- "store_none": False, # If a task returns None, do not save to results.
- "immediate": DEBUG, # If DEBUG=True, run synchronously.
- "utc": True, # Use UTC for all times internally.
- "filename": "db/huey.sqlite3",
-}
+# HUEY = {
+# "huey_class": "huey.SqliteHuey", # Huey implementation to use.
+# "name": "huey-ciso-assistant", # Use db name for huey.
+# "results": True, # Store return values of tasks.
+# "store_none": False, # If a task returns None, do not save to results.
+# "immediate": DEBUG, # If DEBUG=True, run synchronously.
+# "utc": True, # Use UTC for all times internally.
+# "filename": "db/huey.sqlite3",
+# }
 # SSO with allauth
diff --git a/backend/startup.sh b/backend/startup.sh
index a13cdeaab..0e5de7a01 100755
--- a/backend/startup.sh
+++ b/backend/startup.sh
@@ -7,7 +7,7 @@ fi
 if [ ! -n "$DJANGO_SECRET_KEY" ]; then
 if [ ! -f db/django_secret_key ]; then
- cat /proc/sys/kernel/random/uuid >db/django_secret_key
+ install -m 600 <(cat /proc/sys/kernel/random/uuid) db/django_secret_key
 echo "generating initial Django secret key"
 fi
 export DJANGO_SECRET_KEY=$(
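Review bot: The build-time `RUN chown -R backend:backend /code/db` in backend/Dockerfile only fixes ownership inside the image. If `/code/db` is supplied as a volume or bind mount at run time (not visible in this hunk), files created there by earlier root-run containers stay root-owned, and uid 1001 will not be able to write the SQLite database or `db/django_secret_key`. The upgrade notes should document a one-time `chown -R 1001:1001` on the existing volume, or startup.sh should fail with a clear message when `db/` is not writable. Leaving the rest of `/code` root-owned is worth keeping, since the running process then cannot modify its own code; a comment above `USER backend` such as `# Drop root: only /code/db must be writable at run time` would record that intent.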
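Review bot: In backend/ciso_assistant/settings.py the `HUEY` block is commented out rather than removed, with no comment saying why or whether it is temporary, and the change looks unrelated to the non-root container work in the rest of the commit. If `huey.contrib.djhuey` is still listed in INSTALLED_APPS or a task module is still imported (not visible in this hunk), it will no longer find a `HUEY` setting. As far as I know it then falls back to a Redis-backed default or raises a configuration error instead of using the SQLite queue, so that should be confirmed before merging. Either delete the block together with the dependency, or keep it with a one-line reason such as `# Huey disabled: <reason>; re-enable together with the worker process`.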