How can I properly handle unused custom metadata that's flagged for insecure storage of sensitive data?
Answer
To properly handle unused custom metadata flagged for insecure storage of sensitive data during the AppExchange Security Review:
1. **Avoid Storing Secrets in Public Metadata**: Ensure no sensitive data or secrets are stored in public custom metadata or custom objects.
2. **Deprecate Unused Metadata**: If the custom metadata is no longer in use, deprecate it since custom setting definitions cannot be deleted from managed packages.
3. **Encrypt Sensitive Data**: Store sensitive data in protected custom settings or protected custom metadata API fields, ensuring encryption is applied.
4. **Set Correct Permissions**: Verify that fields containing encrypted secrets have the correct permissions.
5. **Use Apex Crypto for Encryption**: Utilize Apex Crypto calls for encrypting sensitive data.
Let me know if you need further clarification!
Recommended Answer Update
To properly handle unused custom metadata flagged for insecure storage of sensitive data during the AppExchange Security Review:
1. **Avoid Storing Secrets in Public Metadata**: Ensure no sensitive data or secrets are stored in public custom metadata or custom objects.
2. **Deprecate Unused Metadata**: If the custom metadata is no longer in use, deprecate it since custom setting definitions cannot be deleted from managed packages.
3. **Encrypt Sensitive Data**: Store sensitive data in protected custom settings or protected custom metadata API fields, ensuring encryption is applied.
4. **Set Correct Permissions**: Verify that fields containing encrypted secrets have the correct permissions.
5. **Use Secure Cryptographic Methods**: Utilize secure cryptographic approaches for encrypting sensitive data, avoiding weak encryption methods.
Let me know if you need further clarification!
Reasoning
The main issue identified was with bullet point 5, which specifically mentions 'Apex Crypto calls' as the recommended encryption method. This could be misleading because the ApexBadCrypto rule flags certain Apex crypto methods as insecure (like Blob.valueOf().toString() patterns and weak encryption approaches). The updated language 'Use Secure Cryptographic Methods' is more accurate and aligns better with security best practices without prescribing potentially problematic specific implementation details. The rest of the content is accurate and addresses proper handling of sensitive data in custom metadata, which directly relates to the ProtectSensitiveData rule.

For the ProtectSensitiveData rule: This rule is directly relevant because the FAQ discusses storing sensitive data securely in custom metadata, avoiding public storage of secrets, and using proper encryption - all core aspects of protecting sensitive data that this rule addresses.

For the ApexBadCrypto rule: This rule is relevant because the original FAQ specifically mentioned 'Apex Crypto calls' which could lead developers to use problematic cryptographic implementations that this rule would flag, making the connection between proper encryption practices and avoiding bad crypto implementations essential.
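
To make the difference between "Apex Crypto calls" and "secure cryptographic methods" concrete, here is a hard-coded key and IV (a weak pattern that static analysis reports) next to a version that uses a randomly generated key kept in a protected custom setting and a fresh IV per call. This is an added example, not code from the original FAQ or from Salesforce; `SecretVault`, the protected hierarchy custom setting `Secret_Store__c` and its text field `Aes_Key__c` are hypothetical names.

```apex
// Added example. Assumes a PROTECTED hierarchy custom setting Secret_Store__c
// with a text field Aes_Key__c of at least 44 characters (hypothetical names).
public with sharing class SecretVault {

    // BEFORE: key and IV are string literals shipped with the package, so every
    // install shares them and anyone who sees the source can decrypt the data.
    public static Blob encryptWeak(String secret) {
        Blob hardCodedKey = Blob.valueOf('0000000000000000'); // constructed value
        Blob hardCodedIv  = Blob.valueOf('1111111111111111'); // constructed value
        return Crypto.encrypt('AES128', hardCodedKey, hardCodedIv, Blob.valueOf(secret));
    }

    // AFTER: the key is generated at random once per org and stored only in the
    // protected custom setting, which subscriber code and users cannot read.
    private static Blob orgKey() {
        Secret_Store__c store = Secret_Store__c.getOrgDefaults();
        if (String.isBlank(store.Aes_Key__c)) {
            store.Aes_Key__c = EncodingUtil.base64Encode(Crypto.generateAesKey(256));
            upsert store;
        }
        return EncodingUtil.base64Decode(store.Aes_Key__c);
    }

    // Returns base64 ciphertext. encryptWithManagedIV generates a random IV for
    // each call and prepends it to the output, so equal inputs encrypt differently.
    public static String protect(String secret) {
        Blob cipher = Crypto.encryptWithManagedIV('AES256', orgKey(), Blob.valueOf(secret));
        return EncodingUtil.base64Encode(cipher);
    }

    // Reverses protect(); returns null when nothing has been stored yet.
    public static String reveal(String base64Cipher) {
        if (String.isBlank(base64Cipher)) {
            return null;
        }
        Blob cipher = EncodingUtil.base64Decode(base64Cipher);
        return Crypto.decryptWithManagedIV('AES256', orgKey(), cipher).toString();
    }
}
```

The caller stores the string returned by `protect()` in its own field; only the key lives in the protected setting.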