Store state information from applications and software separately.

If a system is compromised, storing applications and software separately from state information about users’ interactions with an application may better protect individuals’ privacy.