I'm in a startup. Big companies have dedicated teams for security and still face leaks etc. What are some of the essential things about security that I need to know about? Some I can think of are:<p>1. Don't implement stuff on your own
2. If you don't need it don't store it
3. Assume you're already hacked. Isolate different areas of your system<p>What other simple things are there that would go a long way in protecting a user's data?
<a href="https://en.wikipedia.org/wiki/Crypto-shredding" rel="nofollow">https://en.wikipedia.org/wiki/Crypto-shredding</a> helps to deal with backups.