... you have a front box connected somehow to the internet where your client interactions take place. The data is stored in a database (or whatever) on a second box. This second box is directly connected to the first box via a cable so it has no other network connection.
Encrypt the CC data at every step (incoming, between the boxes, in the database, transmission to the payment processor, etc.).
Harden both boxes as much as possible (maybe use OpenBSD for the OS).
Don't store the encryption keys on the systems. Change them regularly.
Use SecurID or something to validate logging into the servers.
Basically assume that the hacker can get on your network and on your boxes as root. Using this model it is very difficult to get a CC number, even if you are root. One would have to start sifting through the kernel and other icky things.
"Here in the USA, the most technologically advanced society in the world".
I think you mean Finland.