A recent news report about a travel services company who has been fined £150,000 by the Information Commissioner's Office for a breach of an 'internal' system, hosted on the same server as their main e-commerce website (that lead to the compromise of over 1.1 million credit/debit card details) has driven me to write this post, so that further incidents of this type do not happen. (more…)