[nycphp-talk] client doesn't want security: what to do?
David Mintz
dmintz at davidmintz.org
Wed Jan 7 16:27:11 EST 2004
A developer -- let's called him yours truly -- has had a nagging problem
for a while. Client -- let's call her C -- has websites, hosted on a
shared server, that collect sensitive info. Said info is written to a
database for temporary storage -- up to a couple weeks, then wiped out via
a cron job whether C has gotten around to getting it or not. C logs onto
to an SSL-encrypted password-protected page to fetch info. Yours truly has
made every effort to make this system as secure as possible under the
circumstances -- e.g., running PHP in cgi mode and making all the
permissions as restrictive as possible, using SSL, etc.
However, yours truly thinks it would be better to use GPG or PGP for
encryption, but C cannot be persuaded to acquire, install and start using
PGP/GPG and thus keeps ~not~ providing yours truly with her public key
despite numerous requests.
Alternatively, yours truly thinks it might be more secure than the status
quo to go straight to an online payment gateway via SSL and process the
you-know-what in real time. C thinks this is unnecessary.
Your truly thinks it's time to prepare a written form for C to sign,
wherein she acknowledges having been advised of the risks and explicitly
states she wants to do it her way anyway.
What do you think?
Many TIA,
---
David Mintz
http://davidmintz.org/
"Anybody else got a problem with Webistics?" -- Sopranos 24:17
More information about the talk
mailing list