comment on

I hope that such remote access would be suitably secure, since it's got people's PII in it!

Yes...most definitely...

The "remote people" are directors and employees with their own login and 2FA. The scripts to access the database reside above the webroot and all database calls are sanitised ^*. Plus, everyone accessing has undergone data protection training. We take data security seriously.

We have also started regularly penetration testing an environment that we've created for this purpose. The code is identical to our production site except that notification emails are turned off and we connect to the production database with an account with only SELECT permissions. We use ZAP for penetration testing.

^* I'm looking forward to the talk from LanX on this topic as we might be able to do even better.

In reply to Data Security (was: Re^3: Printing Labels) by Bod
in thread Printing Labels by Bod

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.