The old adage “prevention is better than cure” certainly applies to data privacy. A small piece of harmful code uploaded to your site can cause massive damage, from a pop-up window opening to stolen sessions or passwords and even a complete system breach. It is important to include in your data security guidelines how often and when you check your system for malicious code and what security measures you have in place to reduce the risk.
Update your software or scripts which you use on your website regularly. Hackers are constantly looking for security flaws in popular web software programs, and in the absence of timely updates, it opens your system up to attack. Additionally, you should restrict access to your network or database to the minimum number of people who are required to complete their job.
Develop a plan of action to deal with potential breaches and assign a staff member to manage the process. Based on the nature of your business you may need to notify customers, law enforcement agencies, and credit bureaus. This is a serious matter that should be planned well in advance.
Implement strong password requirements for consumer accounts and make sure you have a good method for storing passwords, such as requiring the use of upper and lowercase numerals, special characters or using salt or hash functions that are slow. Avoid storing sensitive user information, and when you do, limit the risk by either encrypting the helpful hints data or deleting it after a period of time.