The GDPR starts getting enforced in a few weeks. It's been law for a couple years, but the authorities have given companies time to comply. I know various entities are frantically working towards compliance as I keep getting updates to Terms of Service. My company is among them, and we are diligently ensuring we can prove that we aren't violating any rules. That's good because I'm sure fines will reduce any bonus we might earn this year.
As I've been reading over the law and talking with customers, I've learned quite a bit. Redgate Software builds products to help with compliance and we're updating guidance and information on how to work with data. As I've helped to update information and explain concepts I keep running into the term "pseudonymisation". If you listen to the podcast, you'll probably hear me struggle to pronounce it, but more importantly, I was initially confused about what this actually meant.
The Data Protection site from Ireland has a great description of how this differs from anonymisation. You can read through the document, but anonymisation means that the data can't be some how reverse engineered to find the original data. In terms of privacy, an anonymised set of my data wouldn't allow anyone to determine the data is about me.
If the data is pseudonumised, data about me would be replaces with a token, but there might be other means of discovering a data set is about me. As an example, in an eCommerce system, you might have an order key in a dev data set that's copied directly from production. However, my name would be replaced with something else, like Bob Smith. It's not apparent that it's my data, but the protection is limited. If the data were anonymised, the order key would be replaced as well to prevent reverse engineering.
Many of us have gotten used to being lax with dev and test data, often just restoring from production. It's handy, convenient, and allows you to find problems in production or verify changes using known values. The downside of this is that we have poor data security. There are noshortage of data breaches from dev and test systems. Certainly plenty of data has been lost from developer laptops as well. Even if you had your laptop encrypted, there's no real excuse for using real data in less secure environments.
We need to learn to use anonymised data, and become comfortable with the idea of working on secure data sets. That also means we need the skills to ensure we build good, useful, valid datasets with production-like characteristics.
The Voice of the DBA podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music.
The industry standard for comparing and deploying SQL Server database schemas
Trusted by 71% of Fortune 100 companies, SQL Compare is the fastest way to compare changes, and create and deploy error-free scripts in minutes. Plus you can easily find and fix errors caused by database differences. Download your free trial
Database DevOps Demo Webinar
Learn how to automate your database deployments alongside your app code in this free demo webinar. Register now
Three SQL Server MVPs (Jonathan Kehayias, Ted Krueger and Gail Shaw) provide fascinating insight into the most common SQL Server problems, why they occur, and how they can be diagnosed using tools such as Performance Monitor, Dynamic Management Views and server-side tracing. The focus is on practical solutions for removing root causes of these problems, rather than "papering over the cracks". More »
Microsoft HDInsight is the cloud service that deploys and provisions Hadoop clusters on the Azure cloud. It's a completely managed, open source analytics service to support enterprise needs and supports a wide variety of scenarios with the help of open source frameworks like Hadoop, Storm, Spark, R Server and Hive. More »
Prepare for Microsoft Exam 70-765–and help demonstrate your real-world mastery of provisioning SQL Server databases both on premise and in SQL Azure. Designed for experienced IT professionals ready to advance their status, Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the MCSA level. Get your copy from Amazon today.
Yesterday's Question of the Day
(by Steve Jones):
I want to create a database and set the maximum size for a database file in SQL Server 2017. I can use the MAXSIZE parameter to do this. What can I specify for the value of the parameter? (choose 3)
A numerical value with "TB" appended
Use the keyword "unlimited"
Just a numerical value with no scale
The MAXSIZE parameter can take a numerical value with the optional sizes of KB, MB, GB, or TB. There is no percentage value. You can also choose to use "unlimited" instead of a numeric value.
Updating datetime2 column not working
Trying to update some datetime2 columns.
UPDATE T_MYTABLE SET dateTransferred = '2018-03-26 05.00.00' where id = 1223
Causes an error. So, I tried casting it.
SQLJOBVIS - anyone still have a copy?
- This is the nifty old utility talked about in this article.
It seems the company and the website no longer...
This newsletter was sent to you because you signed up at SQLServerCentral.com.
Feel free to forward this to any colleagues that you think might be interested.
If you have received this email from a colleague, you can register to receive it here.