“you should not be in charge”. I agree. Totally. but sometimes you got to do what you got to do.
We both know that there is no “secure system” per se. I need a relatively secure system.
The system would be made of a “production server” that runs Java software able to crunch data, and produce html report.
At the moment I am working with my clients through their email. This is both my front-end, and back-end of the system. It is a relatively secure way of handling their data.
I need another server which would host web front, and back-end, where they can view the reports, upload new data, and new files.
You see what I mean?
Mot modern CMS store the html data in database, I am thinking of uploading reports to the database, with encryption, and access by user rights.