[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Credit cards
- Subject: Re: [cobalt-security] Credit cards
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Tue, 14 May 2002 07:28:29 -0700
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
duncan gray wrote:
> I'm guessing that you would need something along this
> line.
>
> A SSL certificate for encrypting server - client
> communication.
> Encrypted DB.
> A firewall.
>
> Is there anything else?
A secure way of getting the details off the system and into the hands of
someone. Either a secure (pgp/gpg) email system, OR a procedure for
sending the information to an email account on the box that you read
through webmail over a secure connection, or some other way of reading
the credit card information over a secure connection.
And how about a procedure in place to get those credit card numbers OFF
the system on a regular basis so if it is hacked, you won't end up on
the six-o'clock news.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484