Is the appointment and customer information stored encrypted?

Support forumCategory: QuestionsIs the appointment and customer information stored encrypted?
0 Vote Up Vote Down
tuxmob asked 4 years ago
Hi, Is the appointment and customer information stored encrypted? If not is this possible? Thank you for the incredible Easy Appointments plugin!
1 Answers
0 Vote Up Vote Down
Nikola Loncar Staff answered 4 years ago
Hi, data for appointments are stored in separate tables but it's not encrypted. Do you need such protection? Best regards, Nikola
tuxmob replied 4 years ago

Hi Nikola,
Yes, I think it would be a great benefit for everyone using Easy Appointments and my clients, and also I believe, if it’s possible, it’s just the right thing to do. To be able to confidently tell my customers that I’m doing everything I can to ensure that the personal data that they are sharing and trusting me with, is held on my site as securely as possible.

Wouldn’t you agree?

Nikola Loncar Staff replied 4 years ago

Hi, yes I agree but that will mean that key for encryption/decryption will be in code. So if someone get hands on the code it will easily find a way to read all the data inside database. If you want to split key into two part and have one part in code and another part that you will write as input before access can lead to lost of access to data if you forgot other part etc.

Best regards,
Nikola

tuxmob replied 4 years ago

I understand your concern. I am willing to take the full responsibility of securely storing that key offsite, the benefits, in my opinion, outweigh the risk.

Perhaps it could be an Easy Appointments Security Enhancement Option with option and I Agree to checkboxes

“Store Customer Data in Encrypted Format”

With a warning something like this:

If you choose to enable this feature and then lose your private encryption key, you will lose all of your customer data.

Easy Appointments will not be held responsible or able to help you in any way to recover your data because this is a TNO “trust no one system”, simply put you are the only person holding the keys.

I agree to checkbox

( ) Easy Appointments will not be held responsible for any loss of data. I understand what this means, and I am enabling this feature with full knowledge that I am doing so at my own risk.

Nikola, if you would consider implementing this, If it helps, I am happy to work with you and test it for you at my own risk. I truly believe this would a valuable addition to your already fantastic product.

Thank you

Nikola Loncar Staff replied 4 years ago

Hi I have added that to request list but priority on that one will not be so high atm in this situation 🙁

Best regards,
Nikola