All, although I found a couple of threads discussing security and credit cards, I can't quite find what I'm looking for or suggesting.
The security part for the site itself is pretty straight forward. The security part for the administration section is not too bad to figure out. That said, I'm thinking that database encryption would be something to consider as well if you are keeping the full card information in the database.
I'm not a fan at all of sending credit card information via e-mail, since it is not secure.
I think I have a suggestion that would work in my case. I'm not looking to run the card information immediately when submitted, rather they will be charged manually by my client.
Secure the site as normal. Have a field for Gravity Forms that BREAKS APART the credit card into two strings. As an example, when the form is submitted, have the first eight characters and the expiration date sent via e-mail in the regular form and have the other eight digits and the CCV left in the database.
When you look at the e-mail, you don't have all of the information. When you look at the database, you don't have all the information. Put them together and you can charge the credit card.
What do you think? Would this be possible? It would solve a big issue that I have right now.