The old adage “prevention is better than cure” certainly applies to data privacy. A small amount of harmful code uploaded to your website can cause massive damage, from an open-ended pop-up to stolen sessions or passwords and complete system compromise. As part of your data security policy, it is important to define how often and in what manner your system is scanned to discover this type of malicious code, and what security measures are in place to reduce the risk.
Ensure that any software platforms or scripts that you use on your sites are updated regularly. Hackers target security flaws in the most popular web applications, and a lack of timely updates leaves your system vulnerable. It is also recommended to limit database or network access to the minimum number of people who need it to perform their tasks.
Make a plan to deal with potential breaches and assign a member of staff to manage the process. Based on the nature of your business, you may need to notify consumers, law enforcement, customers and credit bureaus. This is a serious process that should be planned out in advance.
Create strong password requirements for consumer accounts, including the use of upper- and lowercase letters, numerals, and special characters. Make sure you have a secure method to store passwords, using salt and slow hash functions. Avoid storing confidential information about users unnecessarily, and if you do store it, minimize the risk by encrypting the data or deleting it after a set period of time.