Jump to content

Let me know if this is flawed

jdu98a

By jdu98a
in Other Internet Technologies

 Share

This topic is 6262 days old. Please don't post here. Open a new topic instead.

Recommended Posts

jdu98a Collaborator

jdu98a

Posted
Posted

I have an IWP solution where customers are going to be entering delicate info such as credit card numbers. I have all IWP connections auto signed in under the [guest] account. I have set all sensitive fields (such as CC numbers) to be global fields. This should make it so that no one can see the data entered by an outside user unless they are connecting from the same IP since global fields are user specific (I have tested this). Also, when the user disconnects from the database the record they were using is deleted. Is there any flaw in this? Short of masking an IP address during the time a user is connected, is there any way someone could get access to that sensitive data being entered?

T-Square Experienced

T-Square

Posted
Posted

If I'm not mistaken, IWP does not use encrypted protocols (i.e., https); consequently, the data will not be secure between the client machine and the server. That would be my main worry.

David

This topic is 6262 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept