For the past several years I’ve been working on an Enterprise based web site to process medical records, specifically personal health records. The US government has some very strict requirements for the security of electronic patient data: HIPAA requirements.
Recently a cyber security firm was hired to literally attack the site and do everything they could to disrupt it or break in. Part of the process is known as penetration (PEN) testing. They were also given a variety of accounts for normal access in order to see if they could use one account to access data in others,
Enterprise, the Mac OS and our own security schemes held up and we passed with flying colors. Having interviewed some of their past clients as references for their services, I know this is exceptional. (Look up SQL Injection for an example of an often exploited SQL security flaw)
Enterprise certainly did its part and we couldn’t be happier about its role in this ongoing project.