>From a personal perspective, I would be horrified if I found out my medical records were being served from a multiple account hosting environment with a shared SSL cert.
That aside, from a technical perspective, security is an onion. There are so many layers and working with it can leave you in tears. I think you're starting off on the right foot in that you need to make sure you provide as little information as possible, and work up from there. Beyond that, there are far too many aspects to application security than can be covered in a newsgroup posting. There have been many postings covering various topics related to security in CF-Talk. Try doing a search on the keyword(s) security, SSL, CFQUERYPARAM, authentication, passwords, etc. It should at least get you a running start. -----Original Message----- From: Claremont, Timothy [mailto:[EMAIL PROTECTED] Sent: Friday, March 04, 2005 9:03 AM To: CF-Talk Subject: OT - Security Of Sensitive Data This MAY be more a hosting question, but I am looking into how I can best share sensitive PATIENT information over the internet to our nursing staff out in the field. We have a CrystalTech shared hosting account, and have the typical SSL directory available to us. I can even go so far as to ONLY store information like Client Number instead of identifying information like name, etc. I would simply provide the nursing staff with a physical listing of patient and ID numbers. My question becomes, since we are on a shared server, what real security do I have, even with an SSL directory available to me? And, when it comes to CF, what are my options to maximize security under my less-than-ideal environment? Am I asking too much? TIA, Tim ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please delete it from your system. This footnote also confirms that this email message has been swept for the presence of computer viruses. Thank You, Viahealth ********************************************************************** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:197437 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
