Data privacy is a matter where the old adage “prevention is better than cure” certainly applies. A tiny bit of malicious code uploaded to your site can cause massive damage, ranging from a pop-up window opening to a stolen session or password and even complete system compromise. You should mention in your data security policies how often and by whom you check your system for malicious code, and what protections exist to reduce the risk.
Ensure that any software platforms or scripts that you use on your website are updated regularly. Hackers actively target security vulnerabilities in popular web software, and an absence of timely updates exposes your system to attack. In addition, you should restrict access to databases and networks to the smallest number of people who need it to perform their tasks.
Develop a response strategy to deal with potential breaches, and designate one of your employees to oversee the procedure. Depending on your company, you may need to notify customers, law enforcement and credit bureaus. This is a major step that should be planned out in advance.
Create strong password requirements for consumer accounts, such as requiring the use of upper and lowercase letters, numerals and special characters. Ensure that you have a suitable method for storing passwords, using salts and hash functions that are slow. Avoid storing unnecessary user information, and when you do store it, reduce the risk by encrypting the data or eliminating it after a certain amount of time.