Protecting confidential and sensitive data in software engagements

The first control is cultural: treat every engagement as confidential from first contact. A mutual NDA before sensitive material changes hands sets the tone, and being willing to work under a client's own security terms signals that you take their obligations as seriously as they do.

Most data exposure is not dramatic — it is an over-broad access grant that was never revoked. The defence is boring and effective:

• Grant access scoped to the specific people and systems involved.
• Require multi-factor authentication on anything that can reach client systems.
• Revoke access promptly when an engagement ends or a role changes.

The safest data is the data you never copied. Prefer anonymised or synthetic data for testing, keep production datasets out of local machines, and define a retention window up front so information does not linger indefinitely after it has served its purpose.

Confidentiality does not end at go-live. A trustworthy engagement closes with credentials rotated, working copies destroyed, and ownership of everything transferred to the client. The goal is to leave no residue — no lingering access, and no lock-in.