in reply to Essential CGI Security Practices
Peer Review - Apply several pairs of competent eyeballs to the code. A skilled colleague, reading the code with a "how would I break this" hat on is a great way to uncover subtle problems.
Data Security - Keep sensitive, missions critical data off of the web server box, especially if you're dealing with credit cards. Encryption isn't always enough.