What are the steps to secure Winform Application


I have a question to ask or advise to seek. Is there a need to secure winform application in intranet environment? Clearly, there is no external threat and only authorized personnel have access to intranet environment, so I am not sure if these is need to secure it. Unless it’s insider threat, however, it’s still impossible as there isn’t any necessary tools available or downloadable within the environment.

The only threat I can foresee is the transparency of my application. Within my winform application folder, the source file was made available to anyone and user might have the ability to understand it and reverse engineering to those source file.

So I’m asking, based on the description above:

  1. Aside from parameterized query or input sanitation, what others threat have I missed out?
  2. How do I better secure those source file? obfuscation?(any guide would be appreciated!)