Home : Topics : Security : Handling secure information
Software security
Information security
Handling secure information
Scare stories
< Previous: Information security

Handling secure information

Once you have decided which information needs to be handled securely, you need to consider how that information might be at risk, and take steps to reduce that risk.

We will take the example of credit card numbers from an online store.

Maintaining system security

Your first step should be to keep system security as high as possible. Ensure that all software is current and that the software is reliable. (For example, if you use a shopping cart program, make sure there are no known holes in that program and make sure it has been examined by security experts.)

Securing information in transit

Whenever the credit card numbers are transmitted, this must be done securely. For example, the site should have an encrypted connection when the user initially types in the number. However, many sites then send the order details by unencrypted email! Clearly this introduces the risk of interception.

Reducing consequences of failure

No site is perfectly secure. For example, even if you keep your software current, there will always be a period between when a security hole is discovered, and when you install a patch from the manufacturer that fixes that hole.

In order to handle this risk, you must make sure that the consequences of a break-in to your Web site are not serious. For example, you should not store customer credit card details on an Internet-connected machine for any longer than absolutely necessary. You should make certain that the information is deleted, or transferred to a safe, off-Net computer, as soon as possible after the order has been received.

If your system is broken into, you will then only lose a few credit card numbers instead of hundreds or thousands.

Detecting failure

You should have some way of finding out when your site is compromised (for example, by regularly checking logs, though be aware that an intelligent attacker may be able to remove their traces from logs). If you suspect your site might have been compromised, you should immediately set about cleaning the site, selecting new passwords and keys, and so on.