More Data Security Issues

Insiders and human frailty are still a big problem in data security, according to a new study from Symmatec. Along with system issues these account for two thirds of data breaches. I suspect system issues means misconfiguration and poorly written code (from a security standpoint), though I can't be sure there aren't other factors that contribute. What's disconcerting is that employee behavior problems seem to be rising.

I think this is partly the result of attitudes and a lack of loyalty and respect from many companies towards their employees. It seems that job dissatisfaction is on the rise, and coupled with a lack of employment security, this makes it easy for some people to ignore regulations, not bother securing their systems, or even copy internal data themselves.

I don't know how we change the insider problems without fundamental employer/employee cultural changes. I'm not confident those will change in the short term, and I suspect next year's report might look similar to this one. I do know, however, that we can each to a better job by learning more about secure coding, secure installation, and encryption. Many of these topics aren't that hard to understand or even implement, but they do require some practice to build habits and become comfortable with the technologies and processes.

Security is looking like a constant challenge for those of us working with technology for the foreseeable future. Learning more about how it works, and building the habits to implement it smoothly, in all our systems, or the challenge we should take on for ourselves.

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Watch the Windows Media Podcast - 14.6MB WMV
Watch the iPod Video Podcast - 17.6MB MP4
Listen to the MP3 Audio Podcast - 3.6MB MP3

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Lockdown or Let Them Free

by Steve Jones

SQLServerCentral.com

Editorial

Do we take security too far? Are we creating unnecessary rules for those that need to use the resources we support? Steve Jones talks today about security and how we might want to approach it when handling rights for developers.

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

4.5 (2)

You rated this post out of 5. Change rating

2014-06-27 (first published: 2009-09-21)

217 reads

Discuss

Placing a Value on Data

by Steve Jones

SQLServerCentral.com

Editorial

What's your stolen data worth? It might be worth investigating, as Steve Jones suggests. Then you'll know how much you should be spending to protect it.

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

You rated this post out of 5. Change rating

2009-08-05

66 reads

Discuss

The Danger of Algorithms

by Steve Jones

SQLServerCentral.com

Editorial

What problems occur because of the algorithm chosen to generate data? A new report says that social security numbers in the US can be predicted. Steve Jones has a few warnings about what algoriothms you choose.

★ ★ ★ ★ ★ ★ ★ ★ ★ ★

You rated this post out of 5. Change rating

2014-04-28 (first published: 2009-07-27)

326 reads

Discuss

Administering Securely

by Steve Jones

SQLServerCentral.com

Editorial

A common request is how can you secure SQL Server data and prevent the system administrator from viewing data. Steve Jones talks a little about the issue and how you can handle it.