Protecting personal data in online services: learning from the mistakes of others

Monday May 19th, 2014

The ICO has identified eight important areas of computer security that have frequently arisen during investigations of data breaches. These areas are the focus of this report.

The eight areas are:

  • Software updates
  • SQL injection
  • Unnecessary services
  • Decommissioning of software or services
  • Password storage
  • Configuration of SSL and TLS
  • Inappropriate locations for processing data
  • Default credentials

For each area, the ICO provides advice on:

  • what data protection problems might be caused
  • good practice for avoiding those problems

To view the report click, here.

Leave a Reply