When people use our websites they are allowing us access to data that they hope we handle correctly, this is our users putting trust and faith in us to do right by their data and we should be sure we use their data in a way that does not jeopardise their data.

 

How do you handle user data?

We use encryption on transit and at rest for all user data. Then zero trust protocols for server and backend access .

 

We also have encrypted backups for everything in case we need to destroy and rebuild everything .

 

At the end of the day, it's about good data handling practices, never trusting user input, and monitoring your systems to catch issues as early as possible before they become catastrophes.

 

I would also say store your backups in spaces not directly tied to your main server. Not doing this means a compromise on one server, link, node, whatever could lead to a compromise of the whole infrastructure.