The Best Solution for Customer Data Protection is Something You Don't Have Yet.
Companies competing to earn consumer confidence on the web have been experiencing a big problem recently. Fortunately, InetSolution, Inc. has a tool that solves this problem.
Consumers are scared to death of the poor security most consumer web sites use when handling personal information such as credit card numbers, social security numbers and account numbers. This fear and frustration is curtailing the growth of on-line businesses and costing the industry the hard earned support and assurance from their valued customers.
SSL Falls Short.
A popular misconception about security is that SSL offers an “acceptable level of security.” However, as many large website operators have recently learned, it is not the transmission of data that poses a threat, it’s how the data is stored once it arrives on your server. Companies are beginning to realize what hackers have known all along – databases are easily compromised. They are virtual gold mines for valuable information. Recently, some well-known companies have shamefully reported “hackers” breaking into their database systems and stealing data.
A Firewall isn’t enough.
There are many ways to keep a computer hacker from getting at internal data from outside of your business. Properly configured routers and firewalls will usually keep outside intruders from entering a network. However, routers and firewalls do very little to protect your data from hackers inside a network, such as a disgruntled or untrustworthy employee whose computer is connected to the corporate LAN. With the exception of easily compromised application-based security, the data that resides on the company’s computers is open prey for internal hackers to view.
Protect the data before you lose it.
To combat both internal and external data threats, InetSolution Inc. has created MemberProtect®. MemberProtect® is a COM object (a bit of programming wizardry) that runs in any environment that supports the Microsoft® COM interface. MemberProtect ™ will encrypt the data inside your database server as it is written, ensuring that data is protected regardless of where any threats originate.
You hold the keys to encrypted data.
MemberProtect® will control user accounts across any number of applications, eliminating disjointed user ID’s, including web applications. MemberProtect® creates a profile for each individual user that tracks all user activity on the system so that any hacking attempts can be easily traced. The system can also be used to keep a secure state inside of an ASP environment with a simple command.
What Makes MemberProtect® so tough to compromise?
MemberProtect® uses a special encryption system that is nearly impossible to compromise. This encryption is used throughout the security system and can be exported to protect data outside of the database as well. There is no limitation to the length of the data or where the data resides.
See the results; believe the claims.
Take a look at the credit card numbers in the two examples below; it's obvious which one is protected by MemberProtect® and how it helps prevent hackers or dishonest employees from stealing data.
Figure 1- Normal unprotected data...easy prey. Note the credit card numbers.
Figure 2- Protected with MemberProtect®.
MemberProtect® is feature-rich.
User Control
MemberProtect® can keep an unlimited amount of information about each of the users on the system. All of this data is securely encrypted within the MemberProtect® database tables. All data has individual read/write settings for both the owner of the data and public users of the system.
Web and Desktop Application Security
Once all of the users are activated in the MemberProtect® system, this information is available to any COM-enabled programs. Simply add the MemberProtect® object to an application and point it’s connection string at the database that contains user authentication information. Security for the desktop or web application is now complete.
Transaction Tracking
All actions performed on the system are tracked in a log table. All information is searchable and contains tokens for ad hoc reporting and searches.
Figure 3- Example of MemberProtect® log file
Enterprise-Level User Administration System
We have tested MemberProtect® on systems with thousands of users with each user profile containing hundreds of attributes. Because MemberProtect® is based on enterprise RDBMS systems; it will scale to any size enterprise and will even run off of your currently installed RDBMS system.
