|
|
|
|
|
|
by pbourke
3207 days ago
|
|
|
At the very least, you could separate identity and data access and treat each person's data as a separate tenant. The main data store that contains everyone's credit reports (high side), should have physical and network isolation from the public site (low side). Only copy from high side to low side when someone becomes a customer. (disclaimer: IANA security expert, but the perfect is the enemy of the good) |
|
|