What Are The Security Risks When Your Programmers Store Data In Plain Text?

If you are an owner of a business then while you probably know a lot about it there are probably certain sections of the company that you are not that familiar with. This is of course nothing to be ashamed of. Nobody can be expected to know everything about their business. This is what we hire people for. Well there are two reasons why we hire people. The first reason we hire people is because we might have an overflow of work. The second reason why we hire people is because they are trained to do something that we are not qualified to do. The second reason pops up more and more depending on how large your business is.

This is even more true in the digital age that we live in now. You are starting to see more and more people have to rely on technology that they didn’t have to before. 20 years ago the only time you had to worry about having to hire someone who knew how to use a computer is when you were doing complicated algorithms or planning a war. Now that is no longer the case. Most of the business that we conduct today has a computer involved and there is a good chance that your business depends heavily upon it.

What Are The Security Risks When Your Programmers Store Data In Plain Text?

Custom software at your business

Sometimes your business just does not rely on software and computers but it is the lifeblood of the business. There are plenty of brick and mortar businesses today that rely on the internet. You might sell your goods online and you need a web site to represent yourself. To do that you have to hire people to both run it and make it. Sometimes these people might be one in the same but more times than not they are different people. So when you start to get into the world of the internet then you have to start worrying about security concerns when it comes to your web site.

When your customers trust you to handle their data with precaution you must be sure that you are doing just that. It is not good enough to have a good design or offer a good product; you must also ensure that the product is safe as well. If it is not then you can easily lose the trust of your customers.

Making sure that your workers follow safe programming habits

While you might not know that much about the technology yourself, you should learn just enough to know whether the programmers that either work for you or you have contracted are following safe programming procedures. While you may trust them, it is not their company and they do not have as much to lose as you do. And if you cannot learn enough to be able to know if what they are doing is right or not then you should make sure that you hire a third party auditor to make sure that the code is safe.

There are several things that a code audit should look for but the number one item on the list is whether your company is storing passwords correctly. You must worry about both the people who work at the office passwords and also the people who do business with you. This is especially true if you have a business who stores credit card information.

The password itself must have several layers of work done to make sure that it is safe. First you have to remind your users to make sure that they do not use simple to guess passwords. Also you should remind them to not use passwords that they use on other sites. This advice is very important and hopefully they will listen to you.

But when it comes to your programmers, they must make sure that the password is properly encrypted. There are several built in technologies in any programming language that the programmers choose to use that will ensure that this is done. They just have to be sure that they implement the function. A password that is stored in the database as plain text is asking to be exploited. A strong encryption algorithm will make sure that even if your server is broken into, they still will not be able to read the data. Also they must make sure that the password is properly salted. This is adding a bit of text or numbers to the password that they choose to help make the internal encryption stronger. The end user never sees the addition of the salted password. If you follow these steps then you are on the first steps to making sure that your customer’s data is safe.

If you own a business then you want to make sure that your data is safe. If you don’t then you are going to lose your customers trust and they won’t do business with you anymore.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind