nodejs/nodebestpractices
1
0
Fork 0
mirror of https://github.com/goldbergyoni/nodebestpractices.git synced 2025-10-30 00:57:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #626 from VinayaSathyanarayana/patch-2

Browse Source 
Update with Encryption of PII Data
This commit is contained in:
Yoni Goldberg
2020-03-08 17:44:44 +02:00
committed by GitHub
parent fe68f78f61 c2437f8b82
commit fa2183ea7e
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
sections/security/commonsecuritybestpractices.md
View File

@ -95,5 +95,17 @@ Going on, below we've listed some important bits of advice from the OWASP projec
- Applying context-sensitive encoding when modifying the browser document on the client-side acts against DOM XSS - Applying context-sensitive encoding when modifying the browser document on the client-side acts against DOM XSS
- Enabling a Content-Security Policy (CSP) as a defense-in-depth mitigating control against XSS - Enabling a Content-Security Policy (CSP) as a defense-in-depth mitigating control against XSS
## ![✔] Protect Personally Identifyable Information (PII Data)
- Personally identifiable information (PII) is any data that can be used to identify a specific individual
- Protect Personally Identifyable Information in the Applications by encrypting them
- Follow the data privacy laws of the land
- Reference laws:
- European Union: GDPR - https://ec.europa.eu/info/law/law-topic/data-protection_en
- India: https://meity.gov.in/writereaddata/files/Personal_Data_Protection_Bill,2018.pdf
- Singapore: https://www.pdpc.gov.sg/Legislation-and-Guidelines/Personal-Data-Protection-Act-Overview
<br/><br/><br/> <br/><br/><br/>