New Response

« Return to the blog entry

You are replying to:

    • avatar
    • Declan Lynch
    • Posted on Wed 14 Sep 2011 06:50 AM

    To extend on Dragon's comments, the personal information should not even be stored on any server that is accessible from the web.

    I'm working on a credit card processing site for work. We added in TWO new domino servers, each in their own Domino domains and only one of them accessible via http in our dmz, the second is on internal network only, has no http etc.

    The two servers are cross certified and when the user enters in credit card and personal data the data is captured via agent and moved to the storage database on the other server.

Your Comments