DEV Community

Discussion on: What are some fundamentals of security every developer should understand?

Collapse
jjmpsp profile image
Joel Murphy

In Europe we must comply to GDPR which is coming into practise in the next few months. We’ve had to implement what you mentioned on every single system which holds more than one piece of identifying information about a user.

Collapse
dmerand profile image
Donald Merand

So it's not just a good idea, it's the law ;)

Collapse
namirsab profile image
Namir

What did you do, just hash or encrypt everything? We are facing the same right now.

Thread Thread
jjmpsp profile image
Joel Murphy

Not everything, just database tables containing personally identifiable information. You’ll want to encrypt this information rather than hash it, as you’ll more than likely need to retrieve it at a later date. Here is a good read which explains the legislation in more detail: techblog.bozho.net/gdpr-practical-...