Data privacy is a matter where the old adage «prevention is better than cure» certainly applies. A single piece of malicious code that you upload to your site can cause huge damage. From an ad-hoc pop-up to a system breach, or even a stolen session or password. As part of your data security guidelines you should specify how frequently and by whom your system is scanned for this type of malicious code. Also, you should determine what safeguards are in place reduce the risk.
Update any software or scripts which you use on your website regularly. Security flaws are being targeted by hackers in the most popular web applications, and a lack of timely updates leaves your system vulnerable. In addition, you should restrict access to your network or database to the minimum number of users required to do their job.
Create a plan of action to address any potential breaches and designate an employee to oversee this process. Based on the nature of your business, you might need to notify the law enforcement, consumers, customers and credit bureaus. This is an important procedure that should be planned for well in advance.
Implement strong password requirements for consumer accounts. Ensure that you have a reliable method to store passwords, like requiring the use of lower and uppercase letters, numerals and special characters, or using salt and hash functions that are slow. Avoid storing sensitive user data, and if you do, minimize the risk by encryption the data or the deletion of it after a set period of time.