Developing Security
In this section, we’ll examine terms and concepts regarding how to identify the data you need to secure and explain three extremely important ways to secure your website.
Too often, when developers start to build an ASP.NET web project, security is usually applied at the end of a project as opposed to being proactive and aware of security measures. One approach for implementing security is to examine your applications and look for these types of highly sensitive data throughout:
- Name and location
- Usernames and passwords
- Contact information (phone number, email address, and so on)
- Social security number
- Financials (customer plans, credit cards, and so on)
- Database connections
- Custom settings
Depending on the intent of the web application, other types might be involved, such as specific access to a section where permissions are implied. Other types of data could be considered sensitive based on industry or even government...
