What Information NOT To Collect On Your Local Area Website
Have you had to be issued a new credit card recently? Chances are you have. You join millions of Americans who have been part of significant data breaches in the last couple years. Target, Home Depot, Anthem/Blue Cross and Sony are just a few of the multi-billion dollar companies who have fallen prey.
FCA recently completed a complete security audit of our internal and external systems and have adopted a variety of best practices.
You can help keep your local ministry and the ministry of FCA safe by ensuring you don't collect certain types of information through your local area webFCA website.
This only impacts the built-in "Form Builder" which was never designed to store sensitive information.
The following information should never be collected through your local area website forms:
- Social Security Numbers
- Credit Card Numbers
- Banking Information (Routing Numbers, Account Numbers)
Misconception: My URL says SSL, which means I can collect any information because it's secure.
Reality: While the data is collected in a secure manner - the information itself is stored within your website as "plain-text." This means that if anyone was able to break into your website, they could clearly see sensitive information. While we don't expect your site to ever be breached, it's better to never store sensitive information on your site.
Misconception: I can collect any information I want on a form because I'm the only one who can see it.
Reality: Again, there are a variety of ways for people to get into your site. It's a best practice not to store sensitive information so in the rare event your site ever gets compromised, there is no valuable data available.
Our myFCA donation website in addition to other vendors we partner with (events, camps) have been designed to process transactions, encrypt data and ensure we are compliant with the latest federal and industry standards.
Please help us remain safe by not collecting the above information through your local webFCA sites "Form Builder"
If you have questions you can reach out to Dan Andres, our Manager of webFCA.
Posted on Thu, May 7, 2015