Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase 123»»»

Who's Got Your Data? Expand / Collapse
Author
Message
Posted Tuesday, July 2, 2013 9:09 PM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Yesterday @ 5:38 PM
Points: 31,355, Visits: 15,819
Comments posted to this topic are about the item Who's Got Your Data?






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1469826
Posted Wednesday, July 3, 2013 3:02 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Monday, December 15, 2014 3:27 AM
Points: 337, Visits: 2,282
At I wrote a while back in another editorial thread, we gather way too much data. And most of it is without pre-defined purpose, low structured and is never actually used. And when it does get used, the low quality gets in the way. But since the person making the call to capture "everything" never directly feels the downside of it, that falls on the IT guys, what other decision is there to make? People are indecisive without knowledge, which equals store everything in this context. It looks safer from a leader perspective to store data that you never use, then it is to not store it and that being used against you when you find out you do need the data later on. Such is human psychology. The reality ofcourse is that just storing data without thinking about its use and the required structure is just as bad as not storing it at all and needing it later on.
Post #1469921
Posted Wednesday, July 3, 2013 6:31 AM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Tuesday, November 5, 2013 2:47 AM
Points: 11, Visits: 17
Frankly, there is no way to escape the decryption power of the NSA. What all sorts of private companies are doing with my purchase data etc. is secondary. It can be annoying, but that's all.

Far more dangerous are the totalitarian traits of what all kinds of intelligence services in the worlds are doing with us. The CIA and the NSA are under the worst offenders here, by their budget and by their evil willingness.

Sorry, this is not a technological problem, but an eminently political one. This has nothing to do with the "protection of the people against terrorism" or other fairy tales. This is George Orwell 2.0. Soon arriving at your neighborhood!
Post #1470014
Posted Wednesday, July 3, 2013 8:05 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Yesterday @ 5:38 PM
Points: 31,355, Visits: 15,819
crussell-931424 (7/3/2013)
What I worry about is the data getting degraded, "accidentally" changed or whatever, as it moves from one location to another. For example, in your editorial I noticed a couple of typos that I'm sure were never there in your original draft. You said "It's lots constantly" when I am sure you meant lost. Also "...and now many mistakes..." was probably originally how instead of now.


Thanks for the correction.

I agree with you that quality issues from degradation are a real problem. In this case, they could result in major problems for someone.







Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1470072
Posted Wednesday, July 3, 2013 8:36 AM
Right there with Babe

Right there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with BabeRight there with Babe

Group: General Forum Members
Last Login: 2 days ago @ 12:11 PM
Points: 771, Visits: 1,971
info-550580 (7/3/2013)
..
Far more dangerous are the totalitarian traits of what all kinds of intelligence services in the worlds are doing with us. The CIA and the NSA are under the worst offenders here, by their budget and by their evil willingness.

...!


This is true, but as we see from this instance, whatever is collected for commercial purposes can be strong armed by the state. All the big names in the internet world as well as the telcos may be collecting for their own purposes, but are hardly in a position to hold off when the government secretly comes knocking. This should be a serious concern when contemplating moving business to the cloud, as well. If all your information is in house, someone has to present you with a warrant (which you can review with your lawyer)... you may never know about information grabbed from your cloud provider.

There is a huge risk of false positives from this massive data gathering as well. Some years ago I read about a man charged with arson when his 'loyalty card' showed him buying fire starter sticks similar to the ones used in the fire just before the fire was set. In that case it was only luck, the actual arsonist was arrested for something else and spilled, that saved the innocent guy. In the meantime his life was hell and probably financially devastated (even if you're innocent, criminal defense will wipe out your savings)

When a visible crime or 'terrorist' event occurs, what's to prevent vacuuming up all people who happened to be in the area (cell phone location, license plate readers etc). License plate readers can be used for legitimate purpose (looking for stolen cars, outstanding warrants) if read, checked, and deleted. There is NO such legitimate purpose for permanently storing the data (where a car was driving or parked and when) which, unfortunately, is how more precincts are starting to use them.


...

-- FORTRAN manual for Xerox Computers --
Post #1470090
Posted Wednesday, July 3, 2013 9:07 AM


SSC Veteran

SSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC VeteranSSC Veteran

Group: General Forum Members
Last Login: Yesterday @ 8:39 AM
Points: 225, Visits: 644
Very good article, Steve, thank you.

It may be of interest to know that Kamala Harris, the California State Attorney General, posts data breaches on the AG website. You can find more about it here:

http://oag.ca.gov/ecrime/databreach/reporting
Post #1470102
Posted Wednesday, July 3, 2013 9:07 AM


SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Yesterday @ 8:02 AM
Points: 2,049, Visits: 3,596
At one time our data used to be secured in a file cabinet that was locked when the person in charge of that data was not around. We are a far cry from that. While we have somewhat mastered the ability to store seemingly endless amounts of data as you described, Steve, we have not even begun to master the access controls, restrictions, guidelines, etc that should be placed on that data. Many will express their frustration with things like Sarbanes Oxley or HIPAA yet in the days of the file cabinet you would have had to go through one or two people to get access to that data, and they would be looking over their glasses at you wondering why you need to see it. Even if they did let you have access they would probably only have given you the detail which you needed, not all the other information that you could easily see by looking through the whole file. I have been in the medical records room putting computers in place, being watched by one of the staff to make sure that my eyes were staying on the task at hand. When they all had to leave the room, so did I. Now, with everything going in the database, there are many more people with access to that same data which was once vigilantly protected.

Somehow we need to get to the place where we are able to master data access in such a way that people, by job definition, only get to see the data that they truly need, and yet all jobs functions are able to work flawlessly without being constrained by those same restrictions. Utopia? Maybe. Regardless, that is going to mean that companies are going to need to put a higher value on security of data, and through that they will force other companies to come up with better ways of controlling that access. You can do that to a certain degree today with the security mechanisms in SQL Server, but something more robust is needed, another layer maybe, that is abstracted to the level of job title / description. Government mandates are not the solution though. You, me, we, putting a value on our data, and holding companies accountable to the security of that data is what is going to drive this. We as the consumer, need to find those companies that are protecting our data, and then use them, regardless of our technical bias, etc. When we start using those companies that are serious about data protection, then you will see more companies doing that. Look at the organic industry. People got serious about the quality of their food, and what was once a small niche market now has every food manufacturer fighting to get a foothold in that market. They have changed for the desires of the consumer. Hmmm, sounds like capitalism at the data level. :)

Just my thoughts.....


David

@SQLTentmaker
SQL Tentmaker
“He is no fool who gives what he cannot keep to gain that which he cannot lose” - Jim Elliot
Post #1470104
Posted Wednesday, July 3, 2013 10:15 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Yesterday @ 5:38 PM
Points: 31,355, Visits: 15,819
Craig-315134 (7/3/2013)
Very good article, Steve, thank you.

It may be of interest to know that Kamala Harris, the California State Attorney General, posts data breaches on the AG website. You can find more about it here:

http://oag.ca.gov/ecrime/databreach/reporting


thanks







Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1470151
Posted Wednesday, July 3, 2013 10:17 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Yesterday @ 5:38 PM
Points: 31,355, Visits: 15,819
David Benoit (7/3/2013)
...

Somehow we need to get to the place where we are able to master data access in such a way that people, by job definition, only get to see the data that they truly need, and yet all jobs functions are able to work flawlessly without being constrained by those same restrictions. Utopia? Maybe.


I think it is Utopia, mostly because of the overhead of trying to classify data. too often I think we don't know, or don't have the time to spend doing this. How many people actually set up 3-4 roles in a database, and limit the access? Few do, often because we can't easily classify data or entities for a job, and often because as applications evolve, we need to give access to new tables, or portions of tables.







Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1470153
Posted Wednesday, July 3, 2013 11:36 AM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Monday, December 15, 2014 7:16 PM
Points: 69, Visits: 382
Steve,

Yep, that about sums it up. I've known since Oli North was busted by emails he thought he deleted that anything that is ever online for a single moment can potentially be saved and viewed by others without my knowledge. I am ambivalent about this state of reality. On the one hand, I'm trying hard to blend in with the heard, and hope that the lions stalking us choose someone else to eat for lunch. On the other hand, I try to reduce my electronic footprint whenever possible by: 1) Never signing up for "Club Cards" whenever I have a choice in the matter; 2) I never cache my passwords when signing in to internet sites; 3) I never allow my financial information to be cached; 4) I use a low limit ATM card that I keep < $200 in, for all online purchases; 5) I use Paypal, which uses the same low-limit card, whenever possible to pay for things on the internet; 6) I have a credit-watch service to monitor unusual activity, or who is requesting a credit check on me; 7) I always consider what I'm posting on the internet, with the mantra "would I be OK saying this in a court of law?"; 8) I will identify myself explicitly when I deem it beneficial to me, otherwise I try to anonymize my presence in forums and online whenever possible; 9) I expect that Big Brother (NSA) is monitoring everything I say and write, but I trust my government to do the right thing... most of the time.

Cheers!

Banyardi Schmardi
Post #1470175
« Prev Topic | Next Topic »

Add to briefcase 123»»»

Permissions Expand / Collapse