August 2018
Beginner
594 pages
22h 33m
English
Content preview from Software Architect's Handbook
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Sensitive data exposure
This security risk involves not properly protecting sensitive data such as social security numbers, credit card numbers, credentials, and other important data. The first step is to identify what data elements (or combinations of data elements) are sensitive.
Only store sensitive data if it is necessary and discard it as soon as possible. Data that isn't retained in any way cannot be stolen. Earlier in this chapter, we discussed the different states of information. When sensitive data is at rest, it should be encrypted everywhere it is stored long-term, including backups of the data. When sensitive data is in transit, it should be encrypted with secure protocols. Strong and up-to-date encryption algorithms should be ...