What are some best practices for handling sensitive information?

 

I'm currently creating an application for a customer that will allow them to automatically bill their customers credit cards.

I'm curious as to what are some best practices to safely store and access the credit card information, and for that matter, any other sensitive information, like social security numbers, account numbers and so on.

I'm assuming encryption of some type will be employed, but before I dig in too deep I wanted to see how others are handling these types of requirements.

Not that it matters, but we are designing the software using Microsoft SQL Server for the database, and using C# and ASP.NET.

Read the PCI requirements. Everything will be there.

Actually, you must follow them.

1 - don't even collect SSNs unless you really need them. And unless you're a bank or the government, chances are you don't.

2 - don't collect other sensitive info unless you really need to

3 - use whatever controls are appropriate (separate machine for the database, firewalled, access controlled, etc) for the stuff youdo really need to keep.

Use aggressive standards to secure the host system both in terms of OS and physical security, such as the NSA guidelines.

Put the database on a separate system from the web server or other functions to prevent physical access and permission escalation exploits.

Program defensively to avoid SQL injection attacks and similar exploits.

When developing, program with security in mind first. Coming back afterwards and applying security will be difficult and error prone.

Try to separate the various parts of the application... ie don't use the same viewer or controller for "public" access and "private" access.

Be aware of and comply with all local laws regarding handling of this data... There are a lot of them out there.

Keep a supply of envelopes around to notify your customers in the event of a breach. If you lose information for 26 million customers, you might not be able to acquire enough envelopes to meet the legal timeframe for notifying them of a breach.

链接地址: http://www.djcxy.com/p/26418.html

上一篇: 如何使用JavaScript / jQuery获取表单数据?

下一篇: 处理敏感信息的最佳做法是什么?