> Both MSSQL and Access uses MDAC. Would it be safe to use a > access database for ecommerce data??
It depends on what you mean by "safe" and "ecommerce data", I think. Access databases will typically be on the same machine as your CF application, so if that server is compromised, it's pretty trivial for the attacker to just grab the contents of the database. There's nothing you can really do about that. Note that this would also apply to MSDE, which some people have suggested as an alternative to Access - the MSDE license requires you to run it on the same machine as the client application. Of course, if the application in question is poorly written and the MS SQL Server is poorly configured, it's pretty trivial for an attacker to get access to the data in that case as well. As for the data, it must be judged like any other asset - how valuable is it to you or to others? If your ecommerce data consists of names and email addresses you might not be so worried about it, but if you're also storing credit card information that's a different thing entirely. Your best bet from a security perspective is to simply avoid storing sensitive data if you can. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:213473 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
