GDPR: A Practical Guide For Developers, Part 2

Welcome back! If you missed Part 1, you can check it out here!

Now some “do’s,” which are mostly about the technical measures needed to protect personal data (outlined in Article 32 of the GDPR). They may be more “ops” than “dev,” but the application often has to be extended to support them as well. I’ve listed most of what I could think of in a previous post.

  • Encrypt the data in transit. That means that communication between your application layer and your database (or your message queue, or whatever other component you have) should be over TLS. The certificates could be self-signed (and possibly pinned), or you could run an internal CA. Different databases have different configurations; just google “X encrypted connections.” Some databases gossip among their nodes – that node-to-node traffic should also be configured to use encryption.
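As an added illustration of the client side of that bullet (not code from the DZone article), the snippet below builds a hardened TLS context for a database or queue driver that accepts an `ssl.SSLContext`, and layers certificate pinning on top of normal chain validation. The CA path, host and pin values are placeholders, and the pinned-connection helper is a hypothetical wrapper rather than any particular driver’s API.

```python
import hashlib
import hmac
import socket
import ssl

# Added example, not from the original article. Paths, hosts and pins below
# are placeholders; substitute your internal CA bundle and real pins.


def make_db_tls_context(ca_file=None):
    """Client context that refuses unverified peers and hostname mismatches.

    ca_file: PEM bundle of the internal CA, or the self-signed DB certificate
    itself. None falls back to the system trust store.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse TLS 1.0/1.1
    ctx.check_hostname = True                     # name must match the cert
    ctx.verify_mode = ssl.CERT_REQUIRED           # chain must validate
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)
    else:
        ctx.load_default_certs()
    return ctx


def cert_pin(der_cert: bytes) -> str:
    """SHA-256 of the DER-encoded leaf certificate: the value you pin."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, expected_pins) -> bool:
    """True when the presented certificate is one of the pinned ones.

    Keep both the current and the next certificate in expected_pins so a
    rotation does not turn into an outage. Constant-time comparison.
    """
    actual = cert_pin(der_cert)
    return any(hmac.compare_digest(actual, p) for p in expected_pins)


def connect_pinned(host, port, ctx, expected_pins, timeout=5.0):
    """Open a TLS socket and enforce the pin after chain validation.

    Hypothetical helper: real drivers wrap their own sockets, but the check
    on getpeercert(binary_form=True) is the same. Raises on a mismatch.
    """
    raw = socket.create_connection((host, port), timeout=timeout)
    tls = ctx.wrap_socket(raw, server_hostname=host)
    if not pin_matches(tls.getpeercert(binary_form=True), expected_pins):
        tls.close()
        raise ssl.SSLError(f"certificate pin mismatch for {host}:{port}")
    return tls
```

libpq-based drivers such as psycopg2 do not take an `SSLContext`; the equivalent there is the `sslmode=verify-full` and `sslrootcert=<ca-bundle>` connection parameters.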

Read full news article on Dzone