SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

More Regulation Coming?

By Steve Jones,

This editorial was originally published on Jun 22, 2011. It is being re-run as Steve is out of town.

Recently Citibank had hackers access a large number of credit card numbers and account details for their customers. It was all over the news, but there was a great piece in the New York Times (registration required) about how this seems to be a nagging problem. We've had data breaches before, and banks have had security issues, but they don't seem to be learning. A number of government officials in the article are quoted as seeking new regulations for data security.

As data professionals, we are often charged with ensuring data is safe, yet accessible to authorized individuals. That responsibility can be hard to manage, especially when our management often doesn't want to increase our budgets, or accept more restrictive ways of authenticating users or even slower access. I certainly don't envy the IT folks working at banks and healthcare companies, and am not sure I'd even want to take a job in those industries in the future.

I don't think that more regulation is necessarily the answer, at least not direct regulation. Technology changes so quickly, systems are implemented in diverse ways, and direct regulation often leads to rules that exist to help some vendor profit, not provide better security.

Whether we get new regulation or not, I think that most of us need to learn more about what security methods work well in our systems, the implications of picking a specific type of encryption, and in which ways we can be audit our systems to detect issues. In the days of limited budgets and apathy from management, a little education is the best way to improve the security of your systems.

 
Total article views: 191 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Security Regulations

There have been calls for governmental security regulations for IT. Is that a good thing? Steve Jone...

FORUM

Security Regulations

Comments posted to this topic are about the item [B]Security Regulations[/B] Whilst I agree that on ...

FORUM

Security Managemen Systems

problem with Security Managemen Systems

ARTICLE

Data Freedom and Regulation

There are a lot of regulations around data in the medical field. Most of the exceed HIPAA, but end u...

FORUM

System Table Access

Logins and their access to system tables

Tags
editorial    
 
Contribute