Richard Stiennon, Chief Research Analyst of IT Harvest, was formerly the Chief Marketing Officer for Fortinet, a leading provider of network security appliances. Richard recently posted an article outlining guidelines for website developers and publishers on how to protect your customers from identity theft.

The very best way is to NOT store customer credit card information at all. That data is not required to complete a transaction, and accounting/auditing requirements are met by storing transaction numbers only. If you must keep customer credit card information (or *any* customer data), you must encrypt it. Period.

To prevent an attacker from infecting your website or using iframes, cross-site scripting or redirects, you should have the following in front of your web site:
Full UTM firewall. Block access completely from high-risk net-blocks that you do not expect to do business with: China, Russia, Brazil, etc. (UTM Guide to be published shortly here on Focus.com)
Web Application Firewall (WAF) to prevent the exploits possible from misconfiguration of your web server. (Imperva, Application Security, Inc.)
At least quarterly scanning of your web site to make sure all these protections are in place. (Above Security, Qualys, etc.)
Logging to detect unusual behavior, or better yet, Silver Stream Systems fraud monitoring service to achieve more effective marketing.