Recently we used Drupal Content Management System for one of the Website and now the next concern is to make our website and implementation as secure as possible. Files have to be made secure first and than the data in the database. I am applying proper security permissions to all my files and folders but i am yet to make the database secure specially one field which has some credit cards of this website users. Now tell me how to make a column in a database can be made secure and what security module in Drupal must i use to this task.
Securing Data in Drupal
- Thread starter ferrytail
- Start date
You should NEVER store credit card data unless you have to. PCI compliance states that you should never store credit card details unless 100% necessary, and since you are you will have to comply with a SAQ D before you are compliant. YOU MUST encode / hide the data, and NEVER store it in clear text. You also must secure the server storing the data, and keep it on a separate and secure VLAN which is scanned every 90 days for vulnerabilities.
For more information, please check here: PCI Compliance Guide Frequently Asked Questions
For more information, please check here: PCI Compliance Guide Frequently Asked Questions
cygnet_hemang
New member
Drupal has a capability to secure data on your server. There are different plugins available for providing Login security, Update manager protection, hijack prevention and Spamspan filters. Use them to have a secured data flow on your website.