Apr 23, 2014 06:48 AM|bbcompent1|LINK
Shared database server yes, shared database however would not be the best idea and the reason aside from security goes further into a managability point of view. Say we start with ten tables per customer, how sustainable would this model be if we were to
add another 100-200 customers? Can you imagine how massive the one database would be? So therefore create one database per customer and secure the data using the encryption model mentioned in my first response to you. Having a private key pair (at least
128 bit encryption) ensures that no one other than an approved user by the client accesses the data. This way you cover your bases so during an audit as Illeris mentions you can prove there is no way you would have access to the consumer's data. Also, another
important thing to do is get yourself a certified ethical hacker to perform penetration testing to ensure your system is a less desirable target for attack.