• Enable HTTPS, Transmit all Data Securely • Never Store Data in ClearText • Encrypt, using known best practices, don’t roll your own. • Ensure that there is no cache where sensitive data is concerned • More Information: • https://www.owasp.org/index.php/Top_10_2017-A6- Sensitive_Data_Exposure • https://blog.detectify.com/2016/07/01/owasp-top-10-sensitive-data- exposure-6/