 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
KyleL wrote: > My boss has asked me to create a website for a payroll company and I am not > about to design it from scratch so I thought my best bet would be to do it > through a CMS such as joomla or drupal. > > My biggest concern is security. As this is a payroll company there will > bank information, and a lot of money handling so security and functionality > are my two most important subjects that I want to focus on. I'd ask the same questions Dan raised, as that will determine the level of security required and what options there are for achieving it. For example, if there are only a few users who will me modifying content, you might be able to use a hybrid solution where the CMS runs on a private server, and then gets periodically "published" as static pages to a public server. This could be supplemented with some limited interactivity on the public server. This approach gets you the CMS functionality where needed, while keeping the public server bare-bones, and complexity is the enemy of security. On the other hand, it isn't necessarily a win if it leads to you inventing your own authentication scheme on the public server. Stick with something tried and true. -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
