openerp-community team mailing list archive
Message #04761
Re: About encryption in database
On 2014-02-01 18:18, Eric Caudal wrote:
> We face another security/data access issue with a customer who would
> like to be able to hide the salary information from his IT
> administrator.
Eric, I hope I'm wrong, but I don't believe this is possible,
neither with OpenERP nor any other similar system I'm aware of.
It would be possible if all "private" information were
encrypted/decrypted in the client (here: web browser) and never
reached the server in clear text. But then all calculations would
have to be done in the client. This would break the whole conception
of ERPs, I believe.
> Would any security expert be able to enlighten us on this? Any common
> practice from other ERPs?
* limit the root access to the server to only one/two/three
admins, whom you can trust
* encrypt your backups (easy with duplicity + GnuPG), so you
can leave backups to untrusted file servers
* pay the admin enough, so they won't betray you :~)
* if it is a bigger system, split the server into different
security levels, so that breaking one server would not
break all of them
* maybe you can control the admin activities somehow, e.g.
by logging all root activities. The logging has to be signed,
so that nobody can alter logging information later (maybe
systemd has something to offer here, not sure)
If someone could please prove me wrong? :~)
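The last point above, signed logging that nobody can alter later, can be illustrated with a forward-secure MAC chain. The code below is an added example, not from the original message or from OpenERP: the log lines are constructed, the seed key is hypothetical and assumed to be shared with an auditor who is not the server admin, and the server ratchets its key after every entry so that whoever controls the host later cannot recompute tags for earlier lines.

```python
import hashlib
import hmac

# Constructed sample of root-activity log lines (e.g. from sudo/auditd); not real data.
SAMPLE_LINES = [
    "2014-02-01T18:20:01 root ran: psql -c 'SELECT * FROM hr_contract'",
    "2014-02-01T18:21:15 root ran: cp /var/lib/postgresql/dump.sql /tmp/",
    "2014-02-01T18:22:40 root ran: rm /var/log/auth.log",
]

# Hypothetical seed key: generated by the auditor, copied once to the server,
# and never kept there in its original form (the server only keeps the ratcheted key).
INITIAL_KEY = b"constructed-demo-seed-shared-with-auditor"

def next_key(key):
    # One-way ratchet: knowing key_n reveals nothing about key_0 .. key_n-1.
    return hashlib.sha256(b"ratchet|" + key).digest()

def seal_log(lines, key0):
    """Return ([(line, tag_hex), ...], current_key). Each tag covers the previous
    tag and the line, so insertion, modification or deletion breaks the chain."""
    key, prev_tag, sealed = key0, b"\x00" * 32, []
    for line in lines:
        tag = hmac.new(key, prev_tag + line.encode(), hashlib.sha256).digest()
        sealed.append((line, tag.hex()))
        prev_tag, key = tag, next_key(key)
    return sealed, key

def verify_log(sealed, key0):
    """Auditor side: replay the ratchet from key0; return the index of the first
    entry whose tag does not verify, or -1 if the whole chain is intact."""
    key, prev_tag = key0, b"\x00" * 32
    for i, (line, tag_hex) in enumerate(sealed):
        expected = hmac.new(key, prev_tag + line.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected.hex(), tag_hex):
            return i
        prev_tag, key = expected, next_key(key)
    return -1

def demo():
    sealed, _ = seal_log(SAMPLE_LINES, INITIAL_KEY)
    intact = verify_log(sealed, INITIAL_KEY)
    # An admin rewrites the incriminating third line but cannot produce a valid tag,
    # because key_2 was already ratcheted away on the server.
    tampered = list(sealed)
    line, tag = tampered[2]
    tampered[2] = (line.replace("rm /var/log/auth.log", "ls /var/log"), tag)
    return intact, verify_log(tampered, INITIAL_KEY)
```

Truncating the tail of the log is the one change the chain alone does not flag; the auditor also has to compare the entry count (or the server's current ratcheted key) against what the seed predicts.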