Hi,
I'm looking for a "best practice" in handling secure data that was obtained via an https connection to an apache web server.
The scenario is that a client passes on trusted information via an SSL https connection - eg.. Credit Card #, social security/NI number etc.
This is secured getting to the web server but the issue is how best to pass that info on to another user/location once obtained?
Assuming the data is not to be stored on the apache server but immediately trasnferred to the 'head office' for processing, would it be best to have a php script email the data using PGP/GPG encryption etc? Or is there a 'better' accepted practice to transfer the data on without storing it on the web server?
Many thanks...
I'm looking for a "best practice" in handling secure data that was obtained via an https connection to an apache web server.
The scenario is that a client passes on trusted information via an SSL https connection - eg.. Credit Card #, social security/NI number etc.
This is secured getting to the web server but the issue is how best to pass that info on to another user/location once obtained?
Assuming the data is not to be stored on the apache server but immediately trasnferred to the 'head office' for processing, would it be best to have a php script email the data using PGP/GPG encryption etc? Or is there a 'better' accepted practice to transfer the data on without storing it on the web server?
Many thanks...