7

I am creating a human resource management application that allows access from both employee and HR administrator. Now, I'm faced with a best practice issue.

There would definitely be two users: Employee and HR Admin. I would just like to ask if it will be a security risk to put the HR admin side and the employee side together in one application and just provide different sets of pages for HR admin and employee (which will be determined by the account type of the logged in account). Is that considered best practice, or does it not pose security issues/threats? Or should I just create two separate applications (for employee side and HR admin side)?

Thanks!

dagitab
  • 73
  • 1
  • 5

2 Answers2

6

Either option can work, if done correctly. In general, I would prefer to use the same application because it is simpler to maintain, particularly if the two applications share a lot of common code. However, there are some considerations which could tip the scales in favor of two distinct applications, mainly:

  1. It is easier to lock down a separate HR application to more than simply a login role. For example, the Employee app may be publicly accessible via the internet, but the HR app could be locked down to the internal network, or even certain user's workstations.
  2. It would be much harder to brute force a valid login for the HR app without having access to it.
  3. With a single app, it is possible for a developer to make a mistake and accidentally expose admin functionality to regular users. This obviously would not happen with separate apps. (This is why I stressed "if done correctly" in the first sentence.)
TTT
  • 9,212
  • 4
  • 20
  • 32
  • thanks for showing the advantages of having two applications instead of one. These are advantages I haven't thought of. I really haven't decided which approach to use yet, but both of your answers helped me out in making a better decision. – dagitab Jan 25 '16 at 21:56
1

You can definitely use a single application. While it may be slightly more complex to implement than two separate apps, using a single app with multiple access levels is common practice and acceptable.

Authentication is important for both approaches, but with a single app you'll have to make sure all the admin functionality is protected. Check the user access level every time you perform an action that only admins should be able to do. The benefit of using this approach is you won't have to reuse any code/pages for shared functionality, and you only have one application to maintain/patch.

Buffalo5ix
  • 2,716
  • 15
  • 18
  • With two separate applications you would have to observe and fix security issues with two applications. With just one, that is less effort und you can put more work into making that one application more secure. I consider a single application with strict permission enforcement more secure than two applications. – marstato Jan 25 '16 at 18:30
  • good point, I added it to the answer. – Buffalo5ix Jan 25 '16 at 18:35
  • thanks for the answer! I haven't really come up on a final decision yet, but thanks. I am still in the process of determining whether the two sides will be sharing a lot of similar code. Thanks! – dagitab Jan 25 '16 at 21:58
  • The important part is - exposing functionality via api is really useful. To do that, you need a security model that copes with multi level access. – Sobrique Jan 25 '16 at 22:26
  • 1
    I think you mean authorisation is important, not authentication (although both are required). – SilverlightFox Jan 27 '16 at 08:42