by harrytuttle 4716 days ago
We keep encryption keys for sensitive data in Active Directory and have a front-end firewall, web servers, midplane application firewall, back-end service layer cluster, internal firewall before anyone front-facing can get at the info. The decrypted data is never passed to the web layer.

To gain access, someone will have to root two separate Active Directory domains after breaking into multiple low-privilege accounts and a database cluster.

Possible always, but we make it a hard target.

1 comments

After all, the primary objective isn't to create an impenetrable system, but one that's exceptionally difficult to penetrate.