Tycoon Talk
Become a Big fish!
The number 1 forum for online business!
Post topics, ask questions, share your knowledge.
Tycoon Talk is part of Freelancer.com - find skilled workers online at a fraction of the cost.

eCommerce Tycoon


You are currently viewing our eCommerce Tycoon as a guest. Please register to participate.
Login


Tycoon Talk > SEO & Internet Marketing Tycoon > eCommerce Tycoon > Storing Customer Details Securely

Reply
Storing Customer Details Securely
Old 10-08-2008, 06:20 AM Storing Customer Details Securely
Junior Talker

Posts: 1
Trades: 0
Talkupation: Lord_Webby is on a distinguished road
I am creating a site that will be used to hold information about customers and their credit cards. I will not be storing or processing PAN (Primary account numbers) in any way, so I know PCI-DSS (Payment Card Industry - Data Security Standards) do not apply. But does anyone know of any regulations regarding storing customer data in a database?
The Data Protection Act is a bit vague - I can't seem to find information regarding specifics. For instance, I've been told that if you are holding customer data it needs to be on a seperate server to the website. Is this true?
Does anyone know of any specific documents / standards regarding storing customer information entered through the web?
Any help would be appreciated. Thanks.
Lord_Webby is offline
Reply With Quote
View Public Profile
 
 
Register now for full access!
Old 10-08-2008, 09:29 AM Re: Storing Customer Details Securely
chrishirst's Avatar
Missing! presumed drunk.

Latest Blog Post:
A Simple DHTML Tabbed Interface
Posts: 41,528
Name: Chris Hirst
Location: Blackpool. UK
Trades: 0
Talkupation: chrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond repute
Quote:
I've been told that if you are holding customer data it needs to be on a seperate server to the website. Is this true?
Yes. that way the data access HAS to via a trusted and controlled route, so it removes or drastically reduces the possibility of maliciously installed daemons on the web server being able to access the database server directly.

The Data Protection Act is not about HOW the data is secured, it's more about what you can store, who has access to it and the rights of the people referenced being able to see and correct it if necessary.
__________________
Chris. ->> Links are advertising NOT optimising!! <<-
A foolish consistency is the hobgoblin of little minds
Thought for today:- I SEO the only industry where all the cowboys are Indians?
chrishirst is online now
Reply With Quote
View Public Profile Visit chrishirst's homepage!
 
Reply     « Reply to Storing Customer Details Securely
 
Previous Thread | Next Thread Tycoon Talk > SEO & Internet Marketing Tycoon > eCommerce Tycoon > Storing Customer Details Securely

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML



Page generated in 0.33153 seconds with 12 queries