OWASP Periodic Table of Vulnerabilities - Insufficient Data Protection

Return to Periodic Table Working View

Root Cause Summary
Sensitive data is not sufficiently protected against disclosure, modification or non-repudiation.

Perimeter Solution
None

Generic Framework Solution
Provide a configuration-based suite of encryption utilities for all data security needs including HMAC, symmetric, password hash, and asymmetric encryption requirements.

Custom Framework Solution
None

Custom Code Solution
Identify which kinds of data need to be protected, for example Personally Identifiable Information (PII) or authentication and identification data.

Discussion / Controversy
Data protection laws vary from country to country. Ensure that the correct mitigations and protections have been taken. US data protection law