Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

What Data Should You Protect?

By Steve Jones,

I'm starting to think that we might need to protect almost all data. Perhaps even encrypting more fields in our systems than we have in the past. After reading this article about how 10 digits are enough to identify you, I'm more than a little worried.

The article talks about only needing your birthday, your zip code, and gender to positively identify the vast majority of people in the US. That's not much information, and it definitely means I'm definitely not giving out my birthday anymore to the vast majority of people that ask for it. I'll likely not even use my current zip code anymore since most of the places that ask about it are probably fine with knowing the general area and don't need the specific code.

More and more it appears that it is possible to single out people using online systems because of the algorithms used. There are smart people out there looking to find out how things work and challenge themselves to do so. There are other smart people out there looking to exploit this information for criminal purposes. In both cases, it makes for a scary online world.

More and more I think that we should be using identity information less and less, and sticking with pseudonyms, "handles" and surrogate keys to allow us to interact with clients and customers. How often do we really need to keep accurate personal information about people? I think that the drive by database people to have "accurate" information leads us to gather and store more than we need.

As DBAs, I think it's important to really stop and think about what information we need to store about someone when designing a data model. The business people will always want everything, and while I think more data is usually better, I'm not so sure in this case.

Be a responsible data modeler, and take into account privacy and security information when you build your model.

Steve Jones


The Voice of the DBA Podcasts

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there.

You can also follow Steve Jones on Twitter:

Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.

Total article views: 137 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Podcast Announcements

Podcast Feeds

BLOG

Podcasting

A new video setup is on the way!!!! Actually I'll do a couple podcasts on podcasting over the hol...

BLOG

New Hebrew SQL Server Podcast

Five months ago, I wrote a post about my love for Podcasts. At some point, I started to think about...

FORUM

Information about reports ran

Information about reports ran

BLOG

Thinking on Business Cards & Connecting

I’ve been thinking about the problem of connecting people at events for a while – what could we do t...

Tags
database design    
editorial    
security    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones