Newsletter Security (Data Protection Act) - Sitefinity - General Discussions

All Replies

Posted by Community Admin on 04-May-2011 00:00

Good evening,

Is there any information floating about on how secure the Sitefinity newsletter module is?
For example, in the UK we have to conform to the data protection act to insure customer personal information is safe and secure.

Some information on what is expected for a company holding data can be found here http://www.ico.gov.uk/for_organisations/data_protection/security_measures.aspx

One of the points mentioned is that they recommend that personal data is stored in an encrypted form. Does the sitefinity newletter module encrypt stored data when users sign up etc?

I understand that there are a load of server side measures that have to / can be taken to insure data is protected, but I was just wondering if there are any security measures that the sitefinity newsletter module has built in to further secure the data?

Any information on this matter is greatly appreciated.

Thank you for your time,

Rob

Posted by Community Admin on 04-May-2011 00:00

Hi Robert,

We do not encrypt the data. In its basis the module uses System.Net.Mail.SmtpClient. The SMTP settings are saved inside App_Data/Sitefinity/Configuration/SystemConfig.config file, but they are not encrypted this is something that we have to do.

Regards,
Ivan Dimitrov
the Telerik team

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 10-May-2011 00:00

Thank you very much for your response.

Encryption would be a great little feature to have. It would certainly bring that extra peace of mind.

This thread is closed