Adding another best practice to Joe Kroback’s seven best practices for keeping sensitive data out of logs:
8. Obfuscate sensitive data-in-use at all times so you never transact or manipulate it in clear text. No clear text sensitive data-in-use means no clear text sensitive data in logs.
The original seven best practices summarized here (original article linked below)
7. Automated Alerts using Regex
6. QA using sensitive data
5. Code Review
4. Structured Logging with a blacklist
3. Redact data where possible
2. Keep sensitive data out of URLs
1. Compartmentalize sensitive data.
Interested in learning more about how Titaniam can help? Get started today with a demo