Question

How to implement individual data access in Mendix for sensitive personal data with users who are not licensed

0

I'm looking for advice on a specific functionality within Mendix and whether it's feasible to implement. My company processes highly sensitive personal data for approximately 2,000 individuals to whom we provide services. Access to certain parts of this data is restricted to specially authorised personnel, and the data is encrypted in our database. Our customers want to be able to access and edit their personal data. We envisage a system where each individual can access their data using their login credentials, followed by a one-time password received via SMS and email. This would create a session that lasts for a set period of time. When the session expires, they would need to re-authenticate with a new one-time password. One of my concerns is the cost effectiveness of this solution. As users may not access their data regularly, the idea of paying for 2,000 licensed accounts (totalling €21,000 per month) seems impractical. Is there a way to facilitate such user-specific data access and editing without creating licensed accounts for each individual in Mendix? Any advice on possible configurations or alternative approaches would be greatly appreciated.

asked 2024-04-22

Łukasz Walczak

1 answers

Micha Friede · Accepted Answer · 2024-04-23

Just brainstorming, not sure if it will work.. and not sure if it is in line with the Mendix license policy..

An anonymous user goes to a page with a non persistable entity (could even be a different frontend application to make it more secure) where they fill in an ID and password (which of course should be stored in your backend application or tables). Filling this in will trigger logic (eg an interface) to create an object linked to the NPE and a code/password is sent to the user.

The user presses a button or link to open the associated object where you verify the code that was sent. When this is ok, you will trigger logic to duplicate the user data into another NPE where it can be updated and sent to the backend app (or tables if you are working with 1 app)