Együd Csaba wrote:
> Hi,
> thank you very much. These are very good ideas, I think.
> I forgot one thing to mention. We will have very few clients (max. 20) and
> all clients will be required to have a fix IP address. Fix IP addresses can
> be listed in pg_hba.conf to filter incoming IPs very efficiently. With this
> note, do you think we need VPN or other enhancement?
YOU NEED A SECURITY CONSULTANT. If you think you can rely on static ips
as a security tool, you are clueless. I'm sorry, but the fact that you
mentioned that this database contains medical information really
disturbs me.
A static IP insures NOTHING. A vpn will secure the connection and
protect it.
--
Until later, Geoffrey
