No announcement yet.

how to be secure for client database

  • Filter
  • Time
  • Show
Clear All
new posts

  • how to be secure for client database

    when it is inserted into webpage data related to clients how administrator can be secure the data not available for third party ?
    I mean there exists website applications, which are serve as construction tool for one´s own webpage. If you create one and start to collect data of people.
    How would you be secure about this. I heard smth about hosting. where webpage is supported by specialist (service providers). But if I create one webpage by means of free application how could I be ensured that data being collected are in secure area, nobody has access except myself?

  • #2
    Re: how to be secure for client database

    ensure there's end-to-end encryption.

    the page your visitors put data in, is encrypted with an SSL certificate.
    the connection between your webserver and your database, is encrypted with IPSEC.
    the config files for the webpage are not publically accessible and do not list usernames and passwords in cleartext.

    store all password details that are put in the database in encrypted and salted format.
    don't store credit card details.
    don't use a name as a primary key identifier, use just an ID number so it's hard to cross link to a specific person

    there's probably more than that, but that's a starting point
    Please do show your appreciation to those who assist you by leaving Rep Point