Re: Making the DB secure

Együd Csaba wrote:
> Hi,
> thank you very much. These are very good ideas, I think.
> I forgot one thing to mention. We will have very few clients (max. 20) and
> all clients will be required to have a fix IP address. Fix IP addresses can
> be listed in pg_hba.conf to filter incoming IPs very efficiently. With this
> note, do you think we need VPN or other enhancement?

YOU NEED A SECURITY CONSULTANT.  If you think you can rely on static ips
as a security tool, you are clueless.  I'm sorry, but the fact that you
mentioned that this database contains medical information really
disturbs me.

A static IP insures NOTHING.  A vpn will secure the connection and
protect it.

--
Until later, Geoffrey