From c2437f8b8263c5442932bca8cd2a3ec498ab6c5d Mon Sep 17 00:00:00 2001 From: VinayaSathyanarayana Date: Mon, 3 Feb 2020 10:17:07 +0530 Subject: [PATCH] Update with Encryption of PII Data Added: Encryption of PII Data --- sections/security/commonsecuritybestpractices.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/sections/security/commonsecuritybestpractices.md b/sections/security/commonsecuritybestpractices.md index 5221a724..2280af5d 100644 --- a/sections/security/commonsecuritybestpractices.md +++ b/sections/security/commonsecuritybestpractices.md @@ -95,5 +95,17 @@ Going on, below we've listed some important bits of advice from the OWASP projec - Applying context-sensitive encoding when modifying the browser document on the client-side acts against DOM XSS - Enabling a Content-Security Policy (CSP) as a defense-in-depth mitigating control against XSS +## ![✔] Protect Personally Identifyable Information (PII Data) + +- Personally identifiable information (PII) is any data that can be used to identify a specific individual +- Protect Personally Identifyable Information in the Applications by encrypting them +- Follow the data privacy laws of the land + + +- Reference laws: + +- European Union: GDPR - https://ec.europa.eu/info/law/law-topic/data-protection_en +- India: https://meity.gov.in/writereaddata/files/Personal_Data_Protection_Bill,2018.pdf +- Singapore: https://www.pdpc.gov.sg/Legislation-and-Guidelines/Personal-Data-Protection-Act-Overview
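Review bot: "Identifyable" is misspelled in the added heading and in the second bullet, while the first bullet already spells it "identifiable"; make all three match. The bullet "Protect Personally Identifyable Information in the Applications by encrypting them" gives the reader nothing to act on. It should say what kind of encryption is meant (for example, stored fields at rest versus data in transit) or link to a section that does, to match the more specific XSS bullets in the context lines above. The "Reference laws:" item is followed by a blank line and three top-level bullets, so they will render as siblings rather than as its children; indent them under it and drop the doubled blank line before it. The EU entry names the law (GDPR) but the India and Singapore entries are bare URLs, so name each law and use markdown link syntax for all three.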