On Tuesday 15 Jan 2008, Dominic Watson wrote: > Ok thankyou. I need to get this proposal out in the next hour
Dube, your in trouble, but you know this :-) > I'm wondering, as the site and business is small and not a major public > target (won't be indexed by search engines), is having a login system and > ensuring code uses cfqueryparam, etc enough or do you think the site should > be on SSL? Any time you have customer data going over the wire, SSL is a must, except *maybe* if it's an all internal app. CFQP is a must too, no excuse. You'll probably want to pen. test your login system, and look at cookie stealing. But you don't have time to assess all that in 45 minutes... > Personally, I think a good login system is enough but if its the law to put > such things on SSL then so be it! You should also talk to a lawyer about what you are and are not liable for, depending on where your server is. -- Tom Chiverton Helping to advantageously drive front-end infrastructures on: http://thefalken.livejournal.com **************************************************** This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:296607 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
