Posted by Jason Sherrill on 4/28/2010
The state of Massachusetts' new data security law, 201 CMR 17.00
, will impact many web based applications that collect and store personal financial information about users. The new law reaches beyond the state's borders and affects organizations that are collecting and storing personally identifiable information (PII) about Massachusetts residents. The law requires that PII be encrypted during transport (from client to browser) and while at rest. The law imposes stiff monetary penalties for organizations that fail to provide these two types of data protection for PII that they collect and store about Massachusetts residents.
Posted by Jason Sherrill on 4/9/2010
InetSolution provides not only secure website hosting for banking sites
, but we also provide application development and security consulting. Even with all of the security awareness present in the financial industry, the overwhelming majority of banks and credit unions that fail our basic website form security audit. At a bare minimum, any form that collects information from visitors to your website should meet these criteria.