DrupalCon Seattle 2019: Data Security in Drupal 8
Your website’s data is at risk, but knowing how to protect it can mean the difference between another day in the office and a data breach. By building in encryption from the beginning stages of your site, you will avoid headaches from having to bolt it on after the fact and have more tools at your disposal to keep your users secure. This session will cover what’s new with security in Drupal, best practices for handling private data (email addresses are they really private), and case studies of real-world examples on how to apply these to your next site. Drupal 8 Security Improvements and what they mean to you How Drupal 8 stores data - from form to database Modules you can use to enhance the security of your site Encrypt Module Real AES Module Contrib modules around encryption Key Module Benefits of centralized key management Limit breaches as a result of poor API or key management How to leverage and extend the Key for your contrib module Best practices around creating and storing data Identifying personally identifiable information (PII) and when to use enhanced security to protect it E-Commerce best practices How to properly collect and sanitize user input Case Studies in Data Security E-commerce Enterprise Education The session audience will leave with a greater understanding of Drupal security, best practices in keeping their data safe, and what tools they can use in the process.