Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to restrict access to customer details including credit card numbers by my programmers.

‎11-16-2015 12:35 PM
‎11-16-2015 12:35 PM

How to restrict access to customer details including credit card numbers by my programmers.

Hello All,

 

I'm new to Magento Community and I need to find a way to restrict my programmers from accessing my customers' credit card details from order details.  I want to give them pretty much full access to Magento except that.  I need to keep my customers credit card info secure and unaccessible by programmers as this is not protecting their information.  I got stuck at creating a new user and did not see where it is I would actually configure permissions.  Basically, they can have almost full admin permissions except for customer order details which includes the customer credit card numbers.  Or perhaps there is a way to restrict the visibility of credit card numbers.

 

Thank you,

Beverly

0 Kudos
1 REPLY 1
‎11-16-2015 02:40 PM
‎11-16-2015 02:40 PM

Re: How to restrict access to customer details including credit card numbers by my programmers.

A) Don't store credit card information

 

B) In order to do their job, programmers have access to the database so Magento Admin access protects nothing.

 

So, if you want full protection, you give them a sanitized database to work with. They should be working on a development server, not your live site anyway.

 

You will have to trust someone to move the changes from the development server to live.

 

There are tools available that allow you to do development database dumps that are cleaned of customer data.

0 Kudos