The old adage “prevention is better than cure” certainly applies to data privacy. A small amount of harmful code uploaded to your website can cause enormous damage, from an open-ended pop-up to stolen sessions or passwords and even a complete system breach. It is important to include in your security policy for data how often and by whom you look over your system for malicious code and what safeguards are in place to reduce the risk.

Update your software or scripts that you use on your website regularly. Hackers aggressively target security flaws in popular web software programs and an absence of timely updates opens your system up to attack. It is also recommended to restrict access to your network or database to only the minimum number of users needed to complete their work.

Make a plan to handle possible breaches. You should assign a member of staff to basics oversee the process. Depending on your company you may have to inform customers, law enforcement and credit bureaus. This is a serious step that should be planned well in advance.

Set up strong password requirements and ensure you have a way to store passwords. For instance, you should require upper and lowercase characters, numerals, and special characters. Additionally, you can use salt and slow hash functions. Avoid storing sensitive information about users and when you need to reduce the risk, do so by encryption or deleting the information after a certain period.