Hey!

What would be a good way to store my clients passwords, information cedit cards etc. where no one but me can access the information?

I didn't want to save the information on my computer, which connected to the Internet because I'm pretty sure it's not very secure even though I have a firewall...

I've tried saving the info on a floppy disk, but that's too annoying and I have to do it 3 times on 3 differen't folppys disk just incase one crashes...

I've tried MS Access 2000 on my computer but I don't know how secure that is...

Can anyone give me some ideas on what to do? Would password protecting a secure server work?

Thanks for your help!

Get a USB thumb drive or a small PDA.

That opens the door to multiple methods of storing the information and making sure its encrypted ans ecure.

Chris

Thanks Chris,

Do you know where I can get more information on those?

Thanks

Ben

On a thumb drive or pda?

Try bestbuy.com

not exactly sure what type of information you're looking for.

Chris

What they are really :)

I know what a USB thumb drive is but what is a PDA?

Ben

A safe bolted to the floor without a constant network connection.

You really shouldn't be storing client Credit Card information unless your storage methods conform to the CiSP (Cardholder Information Security Program (http://usa.visa.com/business/merchants/cisp_index.html?ep=v_sym_cisp#b)

OK, thanks :)

How secure are USB thumb drives anyway? Can they be accessed by a remote computer?

thanks again guyas for your help!

I think I have seen some secure thumb drives before.

Never looked into how they work exactly, but Im sure that data gets encrypted some how.

A regular thumb drive with the help of some software to password encrypt your data would probably be just as good.

Chris

OK thanks again.

My firewall should help anyway :)

Well, you can't completely trust a firewall to prevent users from being able to get in. Your network and computer is only as secure as you can make it, and the only way for your computer to be completely secured over the internet, as the old saying goes, is to have it not connected to a network. But, when it comes to security of the USB thumb drives, the reason some people might think of it as secure is if you copy the data to it and drop it in a safe where nobody has access to. Then no internet users will be able to access the data then.

But, if you're looking at doing more transactions in the future, your best bet is to go to a trusted bank (ie: Wells Fargo) and sign up for their online transaction based system. They have a service that allows users to sign up for repeated transactions and their credit card numbers get stored in some secure database or something... and that I know will comply to that Security standard above.

When you say "network" you mean local computer right? I do have a network but it is between only two computers which I only use. Is that ok?

Yes, for credit cards you should definetly be placing that in a secured environment that fits strict regulations. However, it would seem he also wants to store usernames and passwords (which his bank wont be doing for him).

a secured PDA or secured thumb drive thats removed when not in use, would be best for that end.

Personally I dont think you should be recording either of these peices of information, but if you do, thats how I would do it.

Personally, I have a PDA thats password encrypted, then all my usernames and passwords are stored in an encrypted file that needs password authentication as well.

I do not store credit card information nor my clients passowrds.

Chris

Thanks guys! You've been a great help :)