vgs-django-pii-sample
Sample of using VGS for securing PII data(Django).
- Docker
- ngrok
- account on checkr.com
- Clone repository
- Register on checkr.com
- Put your
CHECKER_API_KEYtodocker-compose.ymlfile - Install docker on your local machine
- Run
rerun.shscript
Application will be started in Docker container and available at http://localhost:8000/app/
Before integrating with VGS, the application works but it stores all PII (Peronsally identifiable information) data in storage.
before we start, we should make our app visible from internet. You can use ngrok for it.
Since we do not want to store PII data in our own storage, VGS can take data custodianship.
- Go to VGS-Dashboard, create a new organization, create a new vault. This is where we will store PII data.
- Lets setup
inboudtraffic protection:
- go to
Routes
- create new
inbound route
- add
upstreamas an app host fromngrok
2.1 Lets setup filter which will redact PII data in client's request:
- setup filter to process request data
2.2 To make data readable for the customer who owns this data, lets setup another filter, that will reveal PII data in client's response:
- add new filter in the
inboundroute
- setup filter to process response data
Done!Inbound route is already created. Click Save button and check result.
3 We've protected our system from storing PII data in our DB. But we need original data for processing it on checkr.com. Lets setup outbound routes to perform this operation.
- go to
Routes
- create new
outbound route
- add
upstreamas acheckrAPI host
3.1 Let's setup filter which will reveal PII data in client's request to Checkr:
- setup filter to process request data
3.2 Checkr service returns user's PII data in response, so we should rid of original PII data:
- add new filter in the
outboundroute
- setup filter to process response from
Checkr
Done!Outbound route is already created. Click Save button and check result.
4 We have created the VGS vault, lets use it in our app:
- copy access urls to the vault
- paste it to
/idVerification/settings.py
VGS_REVERSE_PROXY='https://tntvsu7b08w.SANDBOX.verygoodproxy.com' #inbound
VGS_FORWARD_PROXY='https://US4HaDCukkzFFPcGe3nYR933:f0748f46-dcdd-4320-a7de-8f2204fef53a@tntvsu7b08w.SANDBOX.verygoodproxy.com:8080' #outbound
Done! Our app is now secured by VGS. Lets check it out!
- run
rerun.shscript - go to http:localhost:8000/app/
- add new data using UI form
- lets go to data original view and try to check it on
Checkrservice
Want to just jump right in? Check out our getting started guide.
Very Good Security (VGS) allows you to enhance your security standing while maintaining the utility of your data internally and with third-parties. As an added benefit, we accelerate your compliance certification process and help you quickly obtain security-related compliances that stand between you and your market opportunities.
To learn more, visit us at https://www.verygoodsecurity.com/
This project is licensed under the MIT license. See the LICENSE file for details.