6 Mistakes From Healthcare.Gov And How To Avoid Them


4. Security Holes

Establishing a strong and secure site is crucial today in a digital world of malevolent hackers. Healthcare.gov was riddled with security vulnerabilities, putting user's personal details at risk. In November, 18 major issues were all identified without even hacking into it. These issues included

JSON injection, contaminated URL redirection, cookie theft and exposed sensitive APIs.

"In the case of healthcare.gov, a Government entity and pushing a plan proposed by many people, [security] should’ve been the first thing they thought of," said Khan. "It’s a big target for hackers and that's been the case why it couldn’t handle more users cause of so much traffic. So doing proper penetration testing, vulnerability assessments on the site and using some sort of web application firewall, not just hardware firewall, is needed for additional protection to beat off attacks."