22. The company is planning to set up a Web site to enable customers to enter and track their orders using the Internet. Explain the additional security procedures that will be needed.
Web security requires more steps. Customer and transaction data has to be encrypted, so you need to get a digital security certificate. You also need to build the website from the beginning to incorporate additional security tests. Typically, the Web interface has a limited set of permissions into the database. For example, it can be granted read-only rights to the product data, minimal or no access to employee and financial data, and limited write access to the Bicycle and BikeParts tables. Access to the database should only be done through forms, so you can test the forms and use them to severely restrict the actions that users and perform.