Apparently a social media site got hacked recently, or perhaps an employee put some of their unencrypted date on a public server. I won’t go into the details, but I am sure you can find it on the web.
With that in mind, I will share an application privacy workshop I gave to Code for Boston in May 2019. Securing web sites is hard especially when you have other people’s private or sensitive data. In the talk I lay out steps web programers, designers and quality assurance folk can do to better secure their websites sites.
A video of the talk is on YouTube:
I posted the slide deck as a PDF. Feel free to offer suggestions in the comments below.
Be well and stay safe.