Msg#: 4333085 posted 2:41 pm on Jun 30, 2011 (gmt 0)
I am working with a staffing company and they want an online application for their website, but they want to include sensitive info such as SSN#. I know I'd want to use SSL but beyond that I am not sure of what the best practices are for this kind of info.
Since I know email can be easily grabbed and would be unencrypted, I was thinking about storing the SSN in a DB in an encrypted format and requiring them to have a key on their end to unencrypt that info on screen only (i.e., the info doesn't travel through email).
Would love to hear thoughts here. I know it's generally a bad idea to ever have SSN in a form but people have to do it online for sites such as this... so there has to be a legal, reasonably safe way to do this.
Msg#: 4333085 posted 3:56 pm on Jun 30, 2011 (gmt 0)
As soon as you use the word "legal" there are two things that must be kept in mind: 1. We are not lawyers; for definitive legal advice you need to go to a professional in your own jurisdiction. 2. This is an international forum and privacy laws vary a lot. What is considered normal practice on one side of Niagara Falls could get you into serious trouble on the other.
Msg#: 4333085 posted 4:47 pm on Jun 30, 2011 (gmt 0)
Sometimes "no" is a perfectly valid answer, even if clients don't like it. You could follow PCI compliance rules as if it were CC info, and although you're **probably** going to be off the hook if the data is breached - it will be on the site owners - but in the grand scheme of the universe, do you want to take that karma on? I wouldn't.
I usually explain it in terms of the liabilities they are suggesting: in order to do anything like this you need secure hardware, networks, security audits, and consultations with lawyers to determine the breadth and depth of what they are getting into. Then I send a couple links - most lately, Sony and Groupon's India unit. Most of the time they will modify their plan to collecting non-sensitive info and collect that later over the phone or in person. Cheaper = safer. :-)
Your plan is a reasonable one but remember if the server gets hacked, they can find your decryption key (which is why the hardware and system security is so critical.)
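Added example, not part of the original thread: one way to realize the "key on their end" plan so that the decryption key is never on the web server, which is the weakness raised in the last reply. It assumes RSA-OAEP via Node's built-in `crypto` module; the function names, passphrase and SSN value are hypothetical and constructed for illustration.

```javascript
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Run once on the staffing company's own machine, never on the web server
// (assumption of this sketch). The private key is passphrase-protected.
function generateClientKeyPair(passphrase) {
  return crypto.generateKeyPairSync('rsa', {
    modulusLength: 3072,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase },
  });
}

// Web server: holds the public key only. OAEP is randomized, so equal SSNs
// produce different ciphertexts and the small SSN space cannot be matched
// by re-encrypting guesses.
function encryptSsnForStorage(publicKeyPem, ssn) {
  if (!/^\d{3}-\d{2}-\d{4}$/.test(ssn)) throw new Error('unexpected SSN format');
  const ct = crypto.publicEncrypt({ key: publicKeyPem, ...OAEP }, Buffer.from(ssn, 'utf8'));
  return ct.toString('base64'); // value for the DB column
}

// Client machine: decrypt for on-screen display only.
function decryptSsnForDisplay(privateKeyPem, passphrase, stored) {
  const pt = crypto.privateDecrypt(
    { key: privateKeyPem, passphrase, ...OAEP }, Buffer.from(stored, 'base64'));
  return pt.toString('utf8');
}

// What someone who copied the server's disk holds: ciphertext + public key.
function serverCanDecrypt(publicKeyPem, stored) {
  try {
    crypto.privateDecrypt({ key: publicKeyPem, ...OAEP }, Buffer.from(stored, 'base64'));
    return true;
  } catch {
    return false; // no private key material on the server
  }
}

// Constructed sample value (area number 000 is never issued).
const pair = generateClientKeyPair('constructed-passphrase');
const row = encryptSsnForStorage(pair.publicKey, '000-12-3456');
console.log(decryptSsnForDisplay(pair.privateKey, 'constructed-passphrase', row));
console.log(serverCanDecrypt(pair.publicKey, row));
```

This protects stored records only: the web server still handles the plaintext SSN at the moment the form is submitted, so the transport and host hardening discussed in the thread still apply.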