Reply To: OCU C)SP D Week 02 Lesson 04 Discussion
One of the OWASP security principles is Cryptographic failures. This is critical in order to protect sensitive data when at rest and in transit. Information such as passwords, credit card numbers, health records, personal information, and business secrets all require more protection, and failure to apply the necessary protection may lead to these crucial pieces of information being seen. There are a number of ways to prevent this data being stolen, such as not storing sensitive data for longer than needed, because data that is not stored cannot be stolen. Another step that you can take is simply encrypting the data when at rest and when in transit; this way the data does not appear in clear text, making it harder to steal the information. Automatic decryption when retrieving information or data can also lead to problems and a possible attack that would leave the sensitive information in clear text.