I have some highly confidential documents pertaining to a stealth mode startup venture. They live in a directory outside public_html on the server at my web host. I wrote a system that allows select people to view them (one time only - they're not even in the browser cache) but for all my stealth and security, the one vulnerability I have is the people who work at my web host.
I know I could solve this by setting up my own web server in my home, but (A) it's against my ISP's TOS, and (B) I don't really have the sysadmin chops for truly locking it down.
If I encrypt them, I'd have to be able to decrypt them on the fly for people to view (once they've signed an NDA) -- but in order to decrypt them on the fly, I'd have to have a decryption key (visible) in some file somewhere, wouldn't I?
Thoughts? Comments? Suggestions? Thanks!