Assuming web server is Xojo Cloud.
2 scenarios
Scenario 1: user logged into web app via https: (SSL installed).
Is this good enough for users to enter confidential information into my web app? The database where data is stored is encrypted.
Scenario 2: my admin app running on windows connecting to my Web App via HandleURL via HTTPSecureSocket in TLSv1 mode.
Is this good enough for my PC APP to exchange confidential information over the web to my WebApp?
In other words - are these reasonable practices in the industry? Or could I be accused of some gross negligence?