Besides application security and network security, the place (usually a data center) that hosts your ecommerce applications should be physically secured and operated under proper secure operating procedures.
Procedures
Only authorized personnel should be allowed to access portions of ecommerce operation facilities and servers. For instance, the customer support team and the development team may not be allowed to access production Web servers and database servers.
Environment
The computers that host Web servers and database servers must be located in a physically secure facility, usually a secured data center.