An injection attack occurs when a web application’s database receives harmful code that is designed to comprise the proper execution of the web application. SQL injections are a common kind of injection attack, and they executed by an attacker in order to destroy a web application’s database for the purpose of causing data loss or theft.
To defend against injection attacks, we encrypt our code with variables that are unique to our system. Without these variables, an attacker cannot inject harmful code into your system. Our SQL database is hosted by Microsoft Azure. Only highly privileged persons have access to this database. You can read more about how we safely store your data in this article.
While the bulwark of the defense against injection attacks is taken already taken care of, it is possible for you as a standard Indigo user to further mitigate these kinds of attacks:
- Maintain a stringent password policy for yourself and any other administration user of your Indigo system. Simple passwords can be deciphered by data snoopers and attackers.