I am researching what it would take to develop a secure web application that would intake highly sensitive financial information, such as customer SSNs, for my business in the US. I am looking to understand (i) what government regulatory frameworks I would need to comply with, (ii) what security audits or certifications I would need to obtain with respect to the software, and (iii) whether I would need to hire dedicated personnel to monitor security at the outset (it would start off very small) and if so what credentials they need to have.

I am not a professional programmer by trade (I work in financial services), but I have developed software as a hobby for a long time and I could certainly learn to implement whatever is necessary. The idea would be that I would develop the software myself (at least initially) and then engage consultants to help me harden/audit it and get it up to the correct standards. Overall I am trying to determine the cost of this both in terms of time and expense. I am grateful for any insight to point me in the right direction. Thanks!

Share This Discussion

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.