[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Phpgroupware-users] Re: Security provisions of CK-ERP

From: C K Wu
Subject: Re: [Phpgroupware-users] Re: Security provisions of CK-ERP
Date: Fri, 21 Jan 2005 16:45:04 +0800
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041020

Hi, Dave,

I thought you are fully occupied with giving Noah his first programming lesson :) .

Dave Hall wrote:

On Fri, 2005-01-21 at 12:48 +0800, C K Wu wrote:
Hello, folks,

I noticed the Jan 14 irclog of #phpgroupware carried a query on the security of CK-ERP.

<snip />

However, internet is inherently a hostile place. If, CK-ERP, as a web application, is placed on the web for access by users anytime, anyplace, then, VPN or some encrypted tunnelling access is advised.

HTTPS should be adequate for encryption, even for LAN access it is
advisable, to you trust all of your users? Access to the server is a
separate issue :)

Well, most auditor will insist that no user should be trusted beyond the absolute bare minimum :( . Because the system now includes some rather sensitive staff and financial information being made available online, security does become a basic system requirement. Actually, I would imagine, in some juridiction, legal requirement in terms of data privacy protection may come into play.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]