Not sure this is where I need to enter this comment but here goes. In reading the latest article I began thinking about all of the problems DBA's have with security and I think the problem originates with the basic premise of the DBA. As a DBA we are foremost tasked with creating a logical repository for the data we store. I believe this is the downfall we face. In order to create a truely secure environment we must introduce a bit of abstraction. Years ago performance was a large issue and the number of IO actions determined the success or failure of an application. That is no longer the biggest issue we face. To keep this short I am advocating splitting the data accross multiple database instances with some obscure key defined by the enterprise. The first name of a customer would be stored in a separate database from the last and the key would be used to locate the appropriate instance containing the associated column. This instance could also contain street names so there was no direct way to know the meaning of the data. I am going to name this Obscure Data Collection for the time being. If someone has already proposed this I appologize.