Encryption
You've seen the news reports before. Some graduate student takes home a copy of their database from work and leave the HDD in the car while he takes a piss at the gas station. Next you're making headline news that you just exposed 10 million social security IDs. I understand that not everyone has the same security needs. I also understand that data encryption is not the end all answer to what I'm about to complain about. But there are just some pieces of confidential data that you encrypt so that in case something unexpected happens...there's one more step between the important stuff and the abuse of that information.
I assumed that our SSNs were encrypted. Well I happened to be browsing the DB and found out there not. WTF? even in my little school projects I encrypted SSNs. I can't believe this hole hasn't been fixed. Now I'm afraid to change it because so the system is so large. oh man...
On top of that we are indeed physically transporting our DB between sites. It's only a matter of time. Oh my pregnant head.
April 4th, 2008 - 07:30
You left out the days and times of transportations, and of course what routine pit stops are made along the way. Not that our loyal readers would plot anything devious with that information… muhahahaha!