Commit 3074e31c authored by Hayat's avatar Hayat
Browse files

different wording

parent 068fb8aa
Pipeline #13225 passed with stage
in 28 seconds
......@@ -90,7 +90,9 @@ We chose to split the data into three different categories:
Storing contact data in a separate database provides a clear structure for
developers that should help avoiding critical data leaks. Even if an attacker
is able to dump a whole table or even a whole database, this structure still
limits the impact.
limits the impact. An attacker without access to castellum would need physical
access to both databases in order to get the same level of access as with
castellum.
However, it is important to understand that the barrier between recruitment and
contact data is not that high. Since castellum has full access to both, an
......@@ -98,9 +100,6 @@ attacker can also gain full access. Spreading the system across several
databases on different servers or even in different organizations does not help
much if there is still a single point of entry.
The database separation provides reasonable protection against attackers with
physical access to only one database, but without access to castellum.
Monitoring
----------
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment