Hi Claude, The simple solution is to use cfencrypt before you write the information to the database and then use cfdecrypt when you read it out again - using the same encryption key of course. For added security you could make the user logon before the end of month to enter the encryption key so you don't have to store it in the code or in a file somewhere. Of course you could store the key in a lookup database table somewhere, encrypted with its own key which you store in a file somewhere else. I guess there are a myriad of scenarios...
Mind you... If the client is running any kind of non-cf code or just plain sql against the database then they are going to have problems if they want to get to a field that you have encrypted... Cheers, Brett B) SAMARIS Software wrote: > Hi, > > My customers are wanting the bank account details and contract details of > their customers which are being stored on my sql database to be encrypted in > order to protect the privacy of the client information. My software > application stores contact and bank account details of property owners who's > properties are being managed by my client, hence the need for my client to > have bank account details and contact details recorded within my cold fusion > application that has an sql dbase back end. My software application is used > at the end of each month to calculate and issue income statements and > generate aba files to eft payment of income to the property owners. > > My application is being hosted with a large cf hosting company in America, > the application is running on a shared CF hosting service. > > Can anyone provide me with some assistance in relation advise on the best > approach to protecting the data ie encryption of the data stored on the sql > database. > > Regards > > Claude Raiola > B.Econ (Acc), B.Hot.Mngt. > > Websites: > www.AustralianAccommodation.com > www.SAMARIS.NET > www.WebSiteSolutions.com.au > Mobile: 0414 228 948 > > > > > > -- Brett Payne-Rhodes Eaglehawk Computing t: +61 (0)8 9371-0471 m: +61 (0)414 371 047 e: [email protected] w: http://www.yoursite.net.au --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~----------~----~----~----~------~----~------~--~---
