How to mitigate the risk of Sensitive Data Exposure?

Email: maixuanviet.com@gmail.com
Skype: maixuanviet.com@outlook.com
Linkein: <a href="https://www.linkedin.com/in/maixuanviet" rel="noopener noreferrer" target="_blank"> linkedin.com/in/maixuanviet
HackerRank: <a href="https://www.hackerrank.com/vietmx" rel="noopener noreferrer" target="_blank"> hackerrank.com/vietmx
Github: github.com/vietmx
Tiktok: <a href="https://www.tiktok.com/@maixuanviet.com" rel="noopener noreferrer" target="_blank"> tiktok.com/@maixuanviet.com

Technology Community › Category: Web Security › How to mitigate the risk of Sensitive Data Exposure?

VietMX Staff asked 3 years ago

Following are the mitigation techniques employed for secure applications from Sensitive data exposure:

Prepare a threat model to secure data both in transit and at rest from both types of the attacker( e.g. insider attack, external user)
Encrypt data to protect it from any type of cyber attack.
Never store sensitive data unnecessarily. Discard it as soon as possible. Data you don’t have can’t be stolen.
Disable autocomplete on forms collecting sensitive data and disable caching for pages that contain sensitive data.
Always implement and also ensures strong standard algorithms and strong keys are used, and proper key management is in place. Consider using FIPS 140 validated cryptographic modules.
Ensure passwords are stored with an algorithm specifically designed for password protection, such as bcrypt, PBKDF2, or scrypt.

Question Tags: Middle Level, Web Security