Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

personal data collection

Posted on 2011-02-10
4
Medium Priority
?
424 Views
Last Modified: 2012-08-13
I have a website where I may need to collect names and addresses, no credit card involved.
I have a main site where content is available.
I have a domain for ssl
I wonder if the database access.mdb and the collection form for the information should be stored in a subdirectory of my ssl domain on my server.
Suggestions are welcomed.
Thank you
John
0
Comment
Question by:johnhardy
  • 2
4 Comments
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 1000 total points
ID: 34868856
SSL Only encrypts information in transit between the browser and server.  It does nothing for info stored on the server.  An 'access.mdb' should not be stored on a server where it can be directly linked and downloaded.  Depending on the context and the content, disclosing personal info, even accidentally, can have legal consequences.  http://en.wikipedia.org/wiki/Personally_identifiable_information
0
 

Author Comment

by:johnhardy
ID: 34869050
Thanks Dave
So would I be correct in thinking that the db should be within the SSL directory?

Can you say how I can test if
it can be directly linked and downloaded?
0
 
LVL 5

Accepted Solution

by:
alreadyinuse earned 1000 total points
ID: 34871531
That will not encrypt the actual database, as David stated above the SSl is only going to encrypt the communications, the https requests and responses not the actual database.

Also he is right in the it should not be stored where it can be directly linked and downloaded. Can you put the URL into a browser that points to your mdb location, if you can download the .mdb then anyone can take a copy of the database using a web browser!
0
 

Author Closing Comment

by:johnhardy
ID: 34872924
Very many thanks for the very useful answers
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article covers the basics of data encryption, what it is, how it works, and why it's important. If you've ever wondered what goes on when you "encrypt" data, you can look here to build a good foundation for your personal learning.
Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question