An e-commerce website uses a LAMP stack hosted on a single rack-mounted server located at a data center. On every transaction, credit card information is stored in the MySQL database at the data center.
For accounting purposes, transaction records (including credit card information) are transmitted in standard unencrypted formats, such as CSV or XML files, to the accounting server. At regular intervals, a batch job on the LAMP server pulls new transactions from the MySQL database and sends them via FTP to the accounting server.
Once the accounting is done, transaction records are immediately encrypted and stored in a database on some server.
The e-commerce company has identified several threats that they want to protect the credit card numbers from and these threats are:
- Database administrator – A company employee with authorized access to the database could log in and pull down credit card information
- Data center – A data center employee could pull the server out of the rack and take it, along with all the credit card data
- Internet attacker – An attacker could potentially break into the system and steal the credit card information from the database
- Internet attacker – The communication of the transaction data from the e-commerce server to the accounting server could be intercepted by an attacker
What is a single secure architecture solution that provides protection for the credit card numbers against all 4 threats mentioned above? Physical security is out of scope and I realize there are many other potential threats, but in this scenario, only the 4 threats above.
I came up with an encryption technique that can be done while transmitting or storing data. Not sure if that's the most appropriate or convincing answer for this question.
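
As an added example, not part of the original question: a check the batch job described above could run on each CSV export before the FTP step, flagging any cell that still holds a cleartext card number. The column names, sample rows and the `b64:` ciphertext format are assumptions constructed for illustration.

```python
import csv
import io
import re

# Candidate card number: 13-19 digits, optionally separated by spaces or hyphens.
PAN_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to separate card numbers from other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_cleartext_pans(csv_text: str):
    """Return (row_number, column, masked_value) for each Luhn-valid number found."""
    findings = []
    reader = csv.DictReader(io.StringIO(csv_text))
    for row_no, row in enumerate(reader, start=2):   # row 1 is the header
        for col, value in row.items():
            if not isinstance(value, str):           # short or over-long rows
                continue
            for m in PAN_RE.finditer(value):
                digits = re.sub(r"\D", "", m.group())
                if luhn_ok(digits):
                    masked = "*" * (len(digits) - 4) + digits[-4:]
                    findings.append((row_no, col, masked))
    return findings


def safe_to_send(csv_text: str) -> bool:
    """Gate for the transfer step: True only if no cleartext card number remains."""
    return not find_cleartext_pans(csv_text)


# Constructed sample batches; 4111111111111111 is a widely published test number.
CLEARTEXT_BATCH = "txn_id,amount,card_number\n1001,19.99,4111111111111111\n1002,5.00,4111-1111-1111-1112\n"
ENCRYPTED_BATCH = "txn_id,amount,card_number_enc\n1001,19.99,b64:Zm9vYmFyYmF6cXV4\n"

if __name__ == "__main__":
    for name, batch in (("cleartext", CLEARTEXT_BATCH), ("encrypted", ENCRYPTED_BATCH)):
        print(name, "safe" if safe_to_send(batch) else find_cleartext_pans(batch))
```

Findings are masked to the last four digits so the check's own output does not become another copy of the card data.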