basically our security entails a VPN between the database server and software 
server, firewalls, application firewalls, an SSL between the client machine and 
software server, and all of the usual CF security... however there are rules in 
some countries that medical data must be encrypted in the database, i agree 
that i cannot see the threat this directly targets!

 


>> > And don't forget the network traffic between the server and the DB. Which
>> > can be encrypted using MS encryption libraries for a ... ahem ... small 
>> > fee.
>>
>> It doesn't cost anything (except your time) to set up an IPsec tunnel
>> between two Windows machines. And SQL Server natively supports SSL/TLS
>> as well.
>
>But more to the point, yes, that's another threat profile to consider.
>
>Dave Watts, CTO, Fig Leaf Software
>http://www.figleaf.com/
>http://training.figleaf.com/
>
>Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
>GSA Schedule, and provides the highest caliber vendor-authorized
>instruction at our training centers, online, or onsite. 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:343517
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

Reply via email to