I've been working with Shiny for a few months now and it has completely revolutionized my job - it is amazing! However, just before launching a new shiny app, one in our IT staff said that Shiny might not be secure enough to use with sensitive data. We've established a Shiny server on Redhat, using port 3838 and according to the IT guy, this may pose a security threat, implying that someone may be able to get hold of the raw data, which would be a catastrophe for us. Our Shiny app should not require log in, it's supposed to be publicly available.
- Is port 3838 a security vulnerability?
- Are there any means to eliminate the vulnerability? Best practices?
- Alternatives that are safe and secure?
I have googled and stack-overflowed, still no satisfying answer. So, very grateful for any conclusive advice.