M
Mantorok
Hi all
I don't leave much to chance, I've been thinking about security
considerations when deploying a web-site. We have sites in our DMZ and most
of these utilise our "internal" database server - seperate network accessed
through a seperate firewall.
We have our connection strings in our Web.config files, and for additional
security I encrypt this values, in fact I encrypt anything that contains any
sensitive data in the web.config.
Is that over the top? Should I be content in the knowledge that our
"internal" network is safe from Internet users and therefore should put
trust into the security that is already in place? The internal network is
definitely safe, but is it good practice to be on the "safe side" as well?
Thanks
Kev
I don't leave much to chance, I've been thinking about security
considerations when deploying a web-site. We have sites in our DMZ and most
of these utilise our "internal" database server - seperate network accessed
through a seperate firewall.
We have our connection strings in our Web.config files, and for additional
security I encrypt this values, in fact I encrypt anything that contains any
sensitive data in the web.config.
Is that over the top? Should I be content in the knowledge that our
"internal" network is safe from Internet users and therefore should put
trust into the security that is already in place? The internal network is
definitely safe, but is it good practice to be on the "safe side" as well?
Thanks
Kev