On Tue, 22 Sep 2009, t.piwowar wrote:
On Sep 22, 2009, at 3:57 PM, Richard P. wrote:
A non-profit has a http website in which users are filling out
personal and private form information, and the non-profit would like
the get it secured with https. How can this be accomplished
economically? Is the code difficult to write?
HTTPS is just one element in securing data. It is a lot of work with many
aspects to consider. For example for credit cards there is now a requirement
for quarterly audits/certifications. A good place to start for an overview is
to read up on the "Payment Card Industry Data Security Standards (PCI DSIs)".
This is all true, but the original question just mentioned profile
information, not payment card data. Granted, you still want to be as
secure as possible, so I hope they have someone familiar with network
and server administration and security.
That said, the procedure for installing a certificate varies depending
on which web server you are using. For apache, a good article is
http://onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html
For IIS (Microsoft's web server), their web site has an article at
http://support.microsoft.com/kb/299875
--
Vicky Staubly http://www.steeds.com/vicky/ [email protected]
*************************************************************************
** List info, subscription management, list rules, archives, privacy **
** policy, calmness, a member map, and more at http://www.cguys.org/ **
*************************************************************************
