  1. #1
    New Lounger
    Join Date
    Dec 2009
    Northern California
    Thanked 0 Times in 0 Posts and "Hacker Proof" seal?

    I'm not sure if this is where the thread should go, but it looks like the best fit.

    Given the recent security breach with I'm curious if there is an organization that certifies that a site follows best practices to secure their customers' data? Organizations like VeriSign appear limited to authenticating the transaction, but not the security of the stored data.

  2. #2
    5 Star Lounger
    Join Date
    Dec 2009
    Milwaukee, WI
    Thanked 64 Times in 52 Posts
    No such thing as "hacker proof". Locks are for keeping honest people, well, honest. Unless they are a bank or a health care system, there is little regulation around it (other than PCI compliance) that forces anyone to seek any kind of certification (if it exists). Many companies do regular penetration tests (usually contracted to a 3rd party security firm) to test their security integrity. But I fear that advertising any certification process or security methodology is like putting a sign in front of your house saying who your security company is. It might make the bad guy move on, or it might help them in knowing what holes aren't fully covered.

    The loss of customers and reputation is enough for most companies to maintain good security practices. And those practices are only as good as the tools used, and the admins implementing them.
