Beefy Boxes and Bandwidth Generously Provided by pair Networks Frank
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: A question of security

by Zaxo (Archbishop)
on Mar 21, 2005 at 08:53 UTC ( #441148=note: print w/ replies, xml ) Need Help??


in reply to A question of security

One thing jumps out at me from your description. I'd be wary of storing the credit card information in the database, even temporarily and even encrypted. You haven't said who can see that database, but some of your comments sound like some people can, and that the number is growing.

I'd suggest you get some in-house review of this if you can. We can comment more if you publish the code here, but you should show it to people with some responsibility to your company, too.

After Compline,
Zaxo


Comment on Re: A question of security
Re^2: A question of security
by ropey (Hermit) on Mar 21, 2005 at 10:13 UTC
    Hi Zaxo
    Yes in a ideal world I would agree, I am unfortunately stuck in a bad situation as I would ideally have some online payment gateway to use but thats not the case and the powers that be are happy. With access to the database, thats locked down pretty tight and everything is encrypted so I dont think thats a real risk, the risk is the users who have access to the billing system but thats the same for many other systems as well that staff can view users details... I just want to reduce the risk as much as I can

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://441148]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (3)
As of 2014-04-21 00:26 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (489 votes), past polls