So you've locked down your user input validation, your authentication/access control, and even your error handling. What else could possibly go wrong? If you're not careful about what data you store and how you protect it, you can cause serious damage to your users or even be held legally responsible for data breaches.

Protecting the back-end storage of your application is just as important as locking down the front-end user interface and web server. Some of the most common mistakes include: