Data privacy is one of the areas where the old adage “prevention is better than cure” is definitely true. A tiny bit of malicious code uploaded to your website can cause enormous damage, from the opening of a pop-up window to passwords or sessions stolen and even a complete system breach. As part of your security measures for data you should specify how frequently and by whom your system is scanned for this type of malicious code. Also, you should determine what security measures are in place to reduce the risk.
Make sure that any software platforms or scripts used on your sites are updated regularly. Hackers are constantly looking for security flaws in popular web software and in the absence of timely updates, it opens your system up to attack. You should also restrict access to your network or database to only the minimum number of users required to do their job.
Create a plan of action to deal with potential breaches and designate a staff member to oversee the process. Based on the business you run it is possible to notify customers, law enforcement agencies, and credit bureaus. This is a serious matter that must be planned in advance.
Set up strong password requirements and ensure you have a way to save passwords. For instance, you should require upper and lowercase characters, numerals, and special characters. You can also make use of salt and slow hash functions. Avoid the unnecessary storage of confidential information about users, and if you do, minimize the risk by either encrypting the data or eliminating it after a certain amount of time.
