It is important to map data movement and exposure in order to keep it secure. Mapping helps to define the "attack surface", raises awareness of vulnerabilities, and helps developers to expect the unexpected. You cannot secure a doorway that you do not even know exists.
Take inventory of where data enters your systems, how it moves between system parts, where it is stored, and how it is returned to the user or to other outlets. These are all exposure points.
Data input is the most obvious. You should be suspicious of all incoming data.
Data in transition can be insecure if it passes through insecure hardware, vulnerable software, or if the data is translated or transformed in any way.
Data in storage is vulnerable if physical access to the storage is insecure (e.g. access to a server room) or if the access controls on the storage are insecure (e.g. weak database passwords).
Data output can be manipulated to generate unexpected results or to gather information. For example, imagine a username stored in the database containing malicious JavaScript code. It is harmless in the database, but retrieving it and outputting "Hello {$username}" on an HTML page becomes dangerous.
