Data protection by design and default

Data protection by design and default
As part of getting your making the site GDPR ready, the site may need to encrypt personal data for our users during any transfer of the data. The General Data Protection Regulation (GDPR) requires that customer data is encrypted during all communications, internal and external.
Your organization is responsible for implementing any appropriate technical or organizational measures to ensure the encryption of personal data during any communication or processing of personal data.

Enable SSL for database connections in runtime environments

Enable SSL for database connections in a development environment

Enable enhanced audit logging

Related concepts
General Data Protection Regulation (GDPR) and WebSphere Commerce