RE: Web-to-i Communications questions

Thanks again Brad.
I appreciate your insights.

Having never been through this, I do have concerns about getting it right, especially where there is not much expertise here in my shop. I'll have to be leaning on the "community" as I get into the actual design efforts. Right now I'm exploring options so I'm slightly prepared when I get the green light to move forward. That may come sometime in the next few weeks.

-- Michael
~~~~~~~~~~~~

From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-
bounces@xxxxxxxxxxxx] On Behalf Of Bradley Stone
Sent: Monday, January 20, 2014 3:26 PM
To: Midrange Systems Technical Discussion
Subject: Re: Web-to-i Communications questions

I would get all the specs first then. If it's all internal in your
LAN, it shouldn't be an issue.

If it's external you can still use SSL (and authentication if you want
more security). Yes, you would need to map an external IP to your
internal machine. Just like you would with any server.

You can set up the server on the i to run on it's own internal IP with
it's own server instance and config file and own ports and authority.
If set up right, any old hacker shouldn't be able to access anything
except that which you give authority to.

Don't think of the i as anything different than any other server
(except it's better! haha).

To answer your question easily and honestly, yes, it can be done. Yes,
you will hear worst case scenario security issues what ifs (that apply
to ANY
server you have running, even PCs). If it's that big of a problem,
ask
about the possibility to get a separate machine or partition to run
this stuff on (although I don't see a big reason for that.. then you
get into data replication issues which can be bigger headaches.)...

For the PDFs, sending a link to them isn't a big deal, especially if
it's over SSL. You would probably want to protect the PDFs with
passwords as well as access to them should use authentication
(homegrown or standard
Apache) as well as SSL.

I'd worry more about the PDF once it's open on the client's machine
then just passing a URL for it. :) Digital copies are too easy to
make.

If you know what you're doing, it can be secure. If you wing it, you
open yourself up. I've been doing this for years and ran into many
scenarios.
Worst case are just that. And they apply to everything. Do it right
and
it works great. :)

Brad
www.bvstools.com




On Mon, Jan 20, 2014 at 12:37 PM, Koester, Michael
<mkoester@xxxxxxxxxxxxx>wrote:

It is not yet known if the web server will be inside our firewall,

(my

guess is it may not be), and bank routing and account numbers seem
sensitive to me. And I don't think the business would like their
customers' phone bill images to be available to any old hacker.
Can a web service be set up to be private? How?
-- Michael

From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-
bounces@xxxxxxxxxxxx] On Behalf Of James H. H. Lampert
Sent: Monday, January 20, 2014 1:25 PM
To: Midrange Systems Technical Discussion
Subject: Re: Web-to-i Communications questions

On 1/20/14 10:07 AM, Koester, Michael wrote:

Is there something I should know about how to "actively keep it

private"?

It would not be intentionally published.

Well, the whole issue I was raising (and my apologies if it was
already dealt with earlier in the thread) was whether it would be
accessible from outside your firewall, and under what

circumstances,

and how sensitive the information is.

--
JHHL