
OWASP Top Ten Series: Sensitive Data Exposure


What is Sensitive Data?

There is an argument to be made that all data is sensitive. Certainly, data that one person regards as sensitive, another person might happily post on a blog or social media. In the context of data security, however, sensitive data usually means healthcare records, financial information (credit card details, banking details), personal information (address, date of birth, national insurance number, social security number), and user account information for IT systems, such as usernames and credentials.

It is vital that information like this, which is sensitive in itself or could be used to identify individuals, is protected at all times. That means protecting data at rest (in databases and on servers), in transit (across public and private networks), and in use (while an application processes it, writes it to logs, and displays it to users).
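As an added example (not code from the original post), the Python module below shows the "at rest" and "in use" protections in standard-library-only form: account credentials are stored as a salted scrypt hash rather than in clear, a card number is masked for display so only the last four digits are visible, and a logging filter redacts card numbers and e-mail addresses before they reach log files. Protection in transit (TLS) is a transport concern and is not shown here. The scrypt parameters, storage format and regular expressions are assumptions chosen for this example.

```python
"""Added example: protecting sensitive fields at rest and in use (stdlib only)."""
import hashlib
import hmac
import io
import logging
import re
import secrets
from typing import Optional

# Assumed work factor for this example; tune n/r/p to your hardware and latency budget.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Store account credentials at rest as 'scrypt$<salt hex>$<digest hex>', never in clear."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return f"scrypt${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        scheme, salt_hex, digest_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
    except ValueError:
        return False  # malformed record: fail closed rather than raise
    if scheme != "scrypt":
        return False
    candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                               n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return hmac.compare_digest(candidate.hex(), digest_hex)


def mask_pan(pan: str) -> str:
    """Display a card number with only the last four digits visible."""
    digits = re.sub(r"\D", "", pan)
    if not 13 <= len(digits) <= 19:
        raise ValueError("not a plausible card number")
    return "*" * (len(digits) - 4) + digits[-4:]


# Assumed patterns: 13-19 contiguous digits for a card number, a simple e-mail shape.
_PAN_RE = re.compile(r"\b\d{13,19}\b")
_EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def redact(text: str) -> str:
    """Replace card numbers and e-mail addresses so they never land in a log line."""
    text = _EMAIL_RE.sub("[REDACTED-EMAIL]", text)
    return _PAN_RE.sub("[REDACTED-PAN]", text)


class RedactingFilter(logging.Filter):
    """Logging filter that rewrites each record's message through redact()."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()  # already formatted; prevent a second % substitution
        return True


def capture_redacted_log(message: str) -> str:
    """Route one message through a logger fitted with the filter and return what was written."""
    stream = io.StringIO()
    logger = logging.getLogger("sde-example")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(stream)
    handler.addFilter(RedactingFilter())
    logger.addHandler(handler)
    logger.info(message)
    return stream.getvalue().strip()


if __name__ == "__main__":
    # Constructed sample values, not real data.
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))
    print(mask_pan("4111 1111 1111 1111"))
    print(capture_redacted_log("refund to 4111111111111111 for bob@example.com"))
```

The redaction regexes are deliberately simple and will also catch other 13-to-19-digit numbers; in a real service, redact at the point where a sensitive field is known to be sensitive rather than relying only on pattern matching in the log pipeline.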

Failure to ensure that sensitive data is protected can be catastrophic for both individuals and any organization that has failed to protect the information. Consequences such as identity theft, financial loss, and privacy violations can affect people whose information is compromised. And organizations can experience reputational damage, financial penalties, contractual disadvantages and a loss of trust in their brand and messaging.

How to protect against Sensitive Data Exposure

Security is a multifaceted endeavor. As outlined in the OWASP Series article on Security Misconfiguration, there are many ways in which a web application can be left vulnerable, so you should read and consider the advice in that post and in the other OWASP articles as well. Advice specific to preventing Sensitive Data Exposure is given below.
