This is a workflow of technical tasks for developers who are building a COVID-19 app. This should be part of a holistic security program for your organization. Please refer to our full list of Workflows.
CyberSec Standards Regional Compliance Checklist
Create an account for your app, and work through the compliance checklists for regional privacy laws at our developer portal.
OWASP Secure Coding Practices Checklist
This is a checklist of secure coding practices that can be integrated into the software development lifecycle. Original checklist at OWASP.org
Mobile App Security Checklist
- OWASP Mobile App Security Checklist contains a workflow for mobile app developers to implement security in their products.
Additional useful references:
- OWASP Mobile Security Testing Guide (MSTG)
- OWASP Mobile Application Security Verification Standard
- Apple Security Development Checklists
ISO/IEC 24760-1:2019 IT Security and Privacy
ISO provides guidance for implementing a framework for identity management. That is, the issuance, administration, and use of data that serves to characterize individuals, organizations or information technology components which operate on behalf of individuals or organizations.
- For organizational data: The proper management of identity information is necessary to maintain security of the organization and its processes.
- For individuals' data: Proper identity management is required to protect individual privacy.