I am out of my league here...... but??
Results 1 to 9 of 9

Thread: I am out of my league here...... but??

  1. #1
    Junior Member
    Join Date
    Jan 2006
    Posts
    1

    I am out of my league here...... but??

    I dont know any technical stuff. BUt i am working on a website company with a collection company... he plns on putting a databse ot some of the esiest adn simplist steps to take to ensure his security would be.
    Thanks you for your time
    J Sabol

  2. #2
    Banned
    Join Date
    Jan 2006
    Posts
    10
    http://www.amazon.com/gp/product/ima...283155&s=books

    I didn't think you put many details as to what you actually have in mind. Then agian, I didn't read into this thread much anyway.

  3. #3
    Senior Member
    Join Date
    Mar 2005
    Posts
    175
    Hi jshadou, I think Penelope Mills is right. We do need more details. If you have bulky data and database will be queried more often then I prefer MySql.

    Try these if they could help you :-
    http://databases.about.com/od/admini...a/choosing.htm
    [PDF]http://www.dit.ie/DIT/library/resources/subjects/pdf/howtoselect.pdf



    - :S:
    \"And life is what we make it. Always has been, always will be.\"

  4. #4
    Senior Member
    Join Date
    Dec 2004
    Posts
    107
    jshadou,

    I'm not sure what you mean by "I don't know any technical stuff", but you might want to consider hiring someone to do it for you. Of course, it depends on your budget.

    Also, I'm not sure what you're asking. Are you asking how to secure your connection, database, server...?

    For securing connections, Google search for SSL.

    Depending on your database, there are several resources. For example,

    mySQL: Security considerations
    Oracle: Oracle Security FAQ
    MS SQL: http://www.sqlsecurity.com/DesktopDefault.aspx

    For misc security questions, I would start at any one of these fine tutorials put together by AntiOnline's finest:

    http://www.antionline.com/tutorials/?c=7


    If you find yourself with too much information (I believe someone referred to it as trying to sip water from a fire hose, in an earlier thread), you can always go back to the basics. It is not an easy process, and it will take years to learn.

    Also, I'm not trying to discourage you from asking questions or from learning this stuff, but it's important that in situations like these you not bite off more than you can chew because undertaking a heavy project with minimal knowlege will result in not only failure but also discouragement (is that a word??) from trying in the future.

    Remember, there is always the option of hiring someone if you find yourself in too deep, and in need of a quick production.

    Sincerely,
    ik
    Alright Brain, you don\'t like me, and I don\'t like you. But let\'s just do this, and I can get back to killing you with beer.
    -- Homer S.

  5. #5
    Banned
    Join Date
    Jan 2006
    Posts
    10
    But he didn't ask for another database or another operating system. Atleast I don't think so based on the bits and pieces of what I read.

    <small talk>*cough... so how's the weather on your side of the globe?</small talk>

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    1. Debt collection/Recovery Company.
    2. Website & web applications.
    3. Database.

    Data protection/security, local and Federal legal requirements, disclosure requirements, Professional Association requirements?, licencing requirements?

    And that is just scratching the surface This is certainly not an area for someone who, by their own admission,
    dont know any technical stuff.
    I haven't even mentioned database content, database location & security, applications functionality, access control requirements, hosting arrangements.........etc. etc.

    There is far too little information to even begin to answer this question.

    But he didn't ask for another database or another operating system. Atleast I don't think so based on the bits and pieces of what I read.
    He did not mention ANY database or operating system, so how can anyone suggest ANOTHER ?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    jshadou:

    Don't even contemplate it without professional help...... You will be hauled into court in days after you place this in the public domain. The _only_ simple way to provide adequate security to your database without professional help is not to make it publicly available.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  8. #8
    Senior Member
    Join Date
    Mar 2004
    Posts
    171
    TS is right on.

    I am not sure if the info within the database falls under a required staandard or not (too little info) such as Medical info is cover by the HIPPA standard. But my guess is that the info is going to cover payments, and people's person info such as SS#, address, other items used to track debts.

    If you do set it up without professional help that knows the legal requirements, then you can 1) be sure it will be a target if not breached within a few hours of activation, and 2) that if/when it is breached your employeer will be in hot legal water, and 3) you wont be workin on the job.

    I dont think HIPPA covers collections, but it might.
    ~ I'm NOT insane! I've just been in a bad mood for the last 30 years! ~ Somepeople are like Slinky's: Not good for anything, but the thought of pushing them down the stairs brings a smile to your face!

  9. #9
    Junior Member
    Join Date
    Aug 2005
    Posts
    1
    HIPAA actually can cover collections when specific protected health information is passed on to the collector. From what I recall of the collection business they have to prove that a debt is legit if the collectee asks for the information. That being the case they would have to provide specific information about visits and insurance payments back to the collectee. Therefore the entire database and all their security policies would have to comply with the security standards that went into affect April of 2005.

    That said, I do agree with the previous replies that you really need to consult a professional no matter what information you are storing. With the lawsuits coming out of the woodwork you need to protect yourself and your clients from any possible litigation.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •