Re: Credit card arrangement

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 63524
interpreted = N
texte = They wanna audit it as well. Use to be they controlled the software etc. Now there are so many hands in the cookie jar, I have to store it, my customer has to store it. We have had to go through numerous network audits its not funny. We had a special device that cloaked our network, no one could tell if a machine had open ports or not. We watched and maintained honeypots etc. Well the credit card companies came in and said hey all your stuff is vulnerable to attack. We no its not, we just dont' let the outside world know what we are doing period. They made us put in a visible and therefore more vulnerable firewall so that they could see what we were doing to protect our network and the hosting/ colocation customers. I think what they are doing is ultimately the right thing. I would much prefer not to hold the CC at all or if I do on a machine that is firewalled from the internet. I just don't want some wanker coming in making us look bad by stealing all our credit card data. You can only imagine the lawsuits that could result if you didn't take reasonable efforts to secure the data. Now don't even get me started on the HIPAA crap! On Nov 30, 2005, at 5:20 PM, Bess Ho wrote: > I think Pat is concerned about storing card whenever it is encryped > or not. So many new rules from visa and mastercard esp this year. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Credit card arrangement ( Scott Szretter 2005)
  2. Re: Credit card arrangement ( Patrick McCormick 2005)
  3. Re: Credit card arrangement ( Patrick McCormick 2005)
  4. Re: Credit card arrangement ( "Bess Ho" 2005)
  5. Re: Credit card arrangement ( Bob Minor 2005)
  6. Re: Credit card arrangement ( Dale-List 2005)
  7. Re: Credit card arrangement ( Donovan Brooke 2005)
  8. Re: Credit card arrangement ( Donovan Brooke 2005)
  9. Re: Credit card arrangement ( Bob Minor 2005)
  10. Re: Credit card arrangement ( "Bess Ho" 2005)
  11. Re: Credit card arrangement ( Donovan Brooke 2005)
  12. Re: Credit card arrangement ( "Bess Ho" 2005)
  13. Re: Credit card arrangement ( Donovan Brooke 2005)
  14. Re: Credit card arrangement ( Donovan Brooke 2005)
  15. Re: Credit card arrangement ( "Bess Ho" 2005)
  16. Re: Credit card arrangement ( Patrick McCormick 2005)
  17. Re: Credit card arrangement ( Marc Thompson 2005)
  18. Re: Credit card arrangement ( Donovan Brooke 2005)
  19. Re: Credit card arrangement ( Bob Minor 2005)
  20. Re: Credit card arrangement ( Marc Thompson 2005)
  21. Re: Credit card arrangement ( Donovan Brooke 2005)
  22. Credit card arrangement ( Patrick McCormick 2005)
They wanna audit it as well. Use to be they controlled the software etc. Now there are so many hands in the cookie jar, I have to store it, my customer has to store it. We have had to go through numerous network audits its not funny. We had a special device that cloaked our network, no one could tell if a machine had open ports or not. We watched and maintained honeypots etc. Well the credit card companies came in and said hey all your stuff is vulnerable to attack. We no its not, we just dont' let the outside world know what we are doing period. They made us put in a visible and therefore more vulnerable firewall so that they could see what we were doing to protect our network and the hosting/ colocation customers. I think what they are doing is ultimately the right thing. I would much prefer not to hold the CC at all or if I do on a machine that is firewalled from the internet. I just don't want some wanker coming in making us look bad by stealing all our credit card data. You can only imagine the lawsuits that could result if you didn't take reasonable efforts to secure the data. Now don't even get me started on the HIPAA crap! On Nov 30, 2005, at 5:20 PM, Bess Ho wrote: > I think Pat is concerned about storing card whenever it is encryped > or not. So many new rules from visa and mastercard esp this year. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Bob Minor

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[if] and [showif] (2002) BannerAds demo (1998) problems with 2 tags (1997) MacWEEK article help needed (1996) WebCat2 - many [carts] on one template page? (1997) [subTotal] pricefield in another database !? (1998) Signal Raised Error (Part II) (1997) Database Upload (2000) Quit revisited (1997) Maybe off topic but how to charge (1997) RE: E-mailer error codes (1997) CloseDataBase vs CommitDataBase (2007) SiteGuard Use Question (1997) [SearchString] usage (1997) maximu values for sendmail! (1997) WCS Newbie question (1997) possible, WebCat2.0 and checkboxes-restated (1997) Bug Report, maybe (1997) 300% usage - Clint (2007) includes and cart numbers (1997)