1. Comply with the PCI Data Security Standard
2. Check your point-of-sale (POS) systems
3. Minimize data storage
4. Encrypt or truncate your data
5. Check your settings and passwords
6. Prevent employee fraud
7. Replace missing or outdated security patches
8. Use and regularly update anti-virus software
9. Be careful with your documents
10. Regularly test security systems and processes
via itbusiness
via timesdispatch
Validate user input before using it for processing/display
1. Avoid displaying values entered by the user directly from the request object
2. Restrict HTML tags in user input
3. Do not pass user input directly to SQL stored procedures from ASP without filtering it
Protect the website from bugs and vulnerabilities
1. Create a batch file and run it regularly on the website log file to track the IP addresses of potential hackers and block them
2. Subscribe to the Microsoft security bulletin email alerts and install the latest security patches
via asp101
1: Change default passwords
2: Don’t reuse passwords
3: Disable user accounts when an employee leaves
4: Examine security logs
5: Do regular network scans
6: Monitor outbound network traffic
7: Patch and update regularly
8: Implement a security plan
9: Raise user awareness about information security
10: Get upper management to buy in
via techrepublic