Hello,
I need some advice with securing of a contributor application with sensitive data.
We are running many contributor applications with sales plans, etc., which are sensitive, but not that much. Now we should have an application with HR data, which will be highly sensitive, so I need to take more measures.
I was thinking about this and came to these areas, which need to be taken care of:
1) application folder on the windows folder with both application library and other files
- I could use standard windows server security
2) Analyst & Manager library
- could be secured using a special user class
3) Contributor application, macros and admin links
- could be secured based on special user class
(Could an administrator override these settings anyway? I think he could)
- prevent backup, deployment, etc., but could the Administrator not take these settings back?
4) Oracle Datastore
- do I have to secure the application datastore? It contains only encrypted data, so I need only to prevent backup© of the whole datastore??
5) Web application using user classes and watching rights assignment
Did I miss something that needs to be taken care of? Is this described in some document?
It seems to me, that administrator of a Contributor Administration Console could not be filtered out, or at least he could take the settings back?
Would there be any differences, in case we will be running this on MS SQL?
Thanks for your comments
Jaromir
Just do not add new users to the administrator's class. Rest all security stiings you can play with as described in tghe post itself.