April 29th, 2016, 10:03 AM
Determining a Solution for a Protected Front-end for a Database
Good morning everyone,
I'm not sure if this is the appropriate sub-forum, but I believe that it is. Please correct me if not.
I am trying to determine a solution for my business. We are in need of a manual-entry front-end for a database of sorts. However, the information that will be going into this database requires protection as it contains sensitive information. The research that I have done up to this point has my mind set that there are many CRUDs out there that I could work on in php/mysql that would fit the bill. However, finding something requiring login/password with tokens that I can call back to for WHERE clauses in database searches so that certain users can see certain records is more difficult.
Due to the sensitivity of the information, I do not want to cobble something together myself that can be easily broken. I have started looking through different existing solutions (we use WordPress for our public face, so perhaps a CRUD plugin in the admin back-end section), but either there aren't any that have been produced, or I am looking incorrectly or in the wrong places.
Does anyone have any suggestions on either any already-produced solutions, or a certain platform/code I can look to?
April 29th, 2016, 05:19 PM
"Protected" how? Are we talking about names and addresses? Credit card numbers? Medical information?
April 29th, 2016, 07:04 PM
Protected by login/password functionality, and yes - medical information.
April 29th, 2016, 07:40 PM
Using my magical mod powers I see that you are in the US.
Medical information has certain standards that you must adhere to. Legal standards. The kind that get you in Big Trouble if broken. Practically the most stringent requirements there are for storing information.
Do not do this yourself.
I don't know any solutions myself but I'm... kinda sure there's something out there. Given the requirements for the storage of the data, I wouldn't trust anything where you can buy/license the software and set up and host yourself. Odds are you'll find a service you pay for online, and/or you find software that comes with 24/7 technical support and maybe even an on-site technician to install it; the latter probably has its own hardware (multiple servers) and staffing (certain people with certain access) requirements.