As developers we often forget that users put a lot of trust in us to do not just the most efficient and expedient thing to make sure their experience between landing on our site and finally purchasing those tanned buffalo leather swim shorts is quick and easy, but also to do the right thing with their information. We often fail to scrutinize data properly, adding weak points into our applications and possibly providing the information we have stored to a person with less naive motives. We are on the front lines of data security, although most of us only have a pail and a tooth brush and are not expecting any attacks or unscrupulous users to come our way.
Little do we know, our past is pock marked with horrible events of user security and we need to be prepared. Many of you may not realize how insecure the internet fundamentally is. Two and three factor authentication is now the norm, and VPN is now the only way to conduct any business with anyone on a network. There are worms, and SQL injection and many other forms of malicious entities out there. We cant possibly guard ourselves and sites from them all. The net is fundamentally a battleground; a battle between good and evil that will go on for eternity. Where one man stops and says … “I cannot be hacked!” … another picks up and tears them apart. The only thing we can really do is protect the information so that when we are hacked nothing of any value is lost.