Privacy of data is a situation where the old adage “prevention is better than cure” is definitely true. A tiny piece of malicious code posted on your website could cause massive damage. From the pop-up, to a system compromise, or even a stolen session or password. As part of your security measures for data you should specify the frequency and manner in which your system is scanned for this kind of malicious code and what security measures are in place to mitigate the risk.
Be sure that the software platforms or scripts that you use on your websites are updated regularly. Hackers are targeting security flaws within popular web software, and a deficiency in timely updates makes your system vulnerable. Additionally, you should restrict access to networks or databases to the least number of people required to perform their job.
Create a response plan to deal with potential breaches, and assign a staff member to manage this process. Depending on your business you may have to notify customers, law enforcement and credit bureaus. This is a serious issue that must be planned in advance.
Create strong password requirements and make sure you have a method to store passwords. For example, you may need to use upper and lowercase characters, numerals, and special characters. You can also use salt and hash functions that are slow. Avoid storing unnecessary user data, and when you do, lower the risk by encryption the data or the deletion of it after a set period of time.