run2004
asked on
Sensitive information in non secured environment.
Hello friends,
Can you please let me know how critical it is to collect the Social Security number in non secured environment. I mean collecting the SSN in a webpage that has a web address starting with http.
Is this OK to to have this approoach or there is any standard to be followed to protect the sensitive information.
Thanks!
Run2004
Can you please let me know how critical it is to collect the Social Security number in non secured environment. I mean collecting the SSN in a webpage that has a web address starting with http.
Is this OK to to have this approoach or there is any standard to be followed to protect the sensitive information.
Thanks!
Run2004
you should try to avoid non secure way to collect sensitive information
also when using SSL ,try to use best encryption method to make the data secured and if possible protect user information off-line too
also when using SSL ,try to use best encryption method to make the data secured and if possible protect user information off-line too
It would not be recommended.
You should read through the privacy act.
http://www.usdoj.gov/04foia/privstat.htm
You should read through the privacy act.
http://www.usdoj.gov/04foia/privstat.htm
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Dear run2004,
Is any further assistance needed ?
If not please close the topic and assign
me the points.
Thank you
;-)
Is any further assistance needed ?
If not please close the topic and assign
me the points.
Thank you
;-)
kaerez - a somewhat cheeky comment...
:-)
:-)
It is recommended to use an https connection (which will encrypt the data
from the user to the server) and use a secure inaccessible database to store
the data - usually in encrypted form.
You can receive a free SSL certificate at www.cacert.org