Security – Why Your Data Is Safe Online?

One of the biggest concerns people have at the start of a project – and quite rightly so! – is 'Will my data be safe online?' The simple answer is 'Yes', while the long answer is 'It depends how badly someone wants it.'

If someone wants something badly enough, and is prepared to spend enormous amounts of time and money to get it, nothing in this world is really 'safe'. You could store your antique watch in a bank vault, and someone could still break in and steal it. You could encase it in concrete and steel, and sink it to the bottom of a shark-infested ocean, and someone willing to put enough effort and expense into doing so could still retrieve it. The question becomes: How badly do they really want that watch?

The same is true for computer data. It could be on your home or work PC, on a DVD in a bank vault, in the deepest, darkest depths of a secure network, and there is still the potential for someone to get to it. If they want it badly enough.

The focus of computer data security isn't to render the data inaccessible – that just isn't possible – it is instead to make it so hard to access that it isn't worth the effort for the resulting reward.

This part always sounds condescending, but it's the crux of the matter: Would someone reallobj/ y be willing to devote millions of hours of computing time, with all the associated costs (equipment, broadband line, electricity, data transfer, time they could spend doing anything else), just to get the membership list of your club, or the number of patio doors you currently have in stock? The chances are that the answer is no… no, they wouldn't.

And so, with that in mind, we build sufficient security into all our systems to ensure that it would be far more costly to attempt to steal the data than the data could possibly be worth. Databases are password protected, with the data being passed over secure, encrypted links, to user pages that are often also password protected (that depends on your business, many will want customers to see some pages without needing passwords). For a small extra charge, we can also encrypt the contents of the databases, so even if someone does manage to break in the data is still useless to them.

The truth of the matter is, the most likely cause of your data being stolen is the 'inside job'. A disgruntled employee, someone leaving to start their own business, anyone who already has access to the data could potentially steal it, and in this case your data is actually safer online than it is stored on your own systems. They're another step removed from it, and it's a big step at that.

This is the second point where our in-built security comes into play: User Access Levels.

A typical system would have multiple levels of user access, with which you can restrict who can see or edit what data. More importantly from an anti-theft perspective is how they can see the data.

For a typical user, they can call up and view one record at a time. Once data is on the screen it is potentially vulnerable, even if only to something as low tech as writing it all down with a pencil and paper, but by designing systems to show only single records (which is all a typical user needs at any time) we again make the process of stealing the data far more laborious than the data is potentially worth.

If you have 10,000 customers, is someone leaving next week really going to call up and write out each individual record?

So while your data can never be completely secure, anywhere, ever, we take every step necessary to ensure that it is far more secure than it needs to be to deter people from making the attempt.