duncan gray wrote: > I'm guessing that you would need something along this > line. > > A SSL certificate for encrypting server - client > communication. > Encrypted DB. > A firewall. > > Is there anything else?
A secure way of getting the details off the system and into the hands of someone. Either a secure (pgp/gpg) email system, OR a procedure for sending the information to an email account on the box that you read through webmail over a secure connection, or some other way of reading the credit card information over a secure connection. And how about a procedure in place to get those credit card numbers OFF the system on a regular basis so if it is hacked, you won't end up on the six-o'clock news. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net P. O. Box 52672, Riverside, CA 92517 voice: (909) 778-9980 * fax: (702) 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
