Protecting Data from the Inside

  • Phil Factor

    SSC-Insane

    Points: 20064

    Comments posted to this topic are about the item Protecting Data from the Inside

    Best wishes,
    Phil Factor
    Simple Talk

  • sterling3721

    SSC-Addicted

    Points: 445

    Agree. this is the sensitive case I was involved. A consultant was hired by my employer to work on a payroll-related project. I provided access to live data and testing data, the consultant still copied the data to his local workstation. Since he was hired by the CEO and advised me how to be more visible to the CEO, CEO often stepped in for the issue(s) he said he faced(not really, sometimes, just a disguise for time delay), I didn't say anything on the consultant's practice, although he might have copied my pay history to his local disk.

  • MVDBA (Mike Vessey)

    SSC-Insane

    Points: 21757

    Back in 2005 I started a new job with a large UK based gambling company.

    I think it might have been my 2nd week with the company and I got pulled into a meeting with The CIO. I was unsure if i'd done something wrong

    Apparently a project manager had let themselves into the server room, plugged a USB drive into a server and taken overnight backups so that our 3rd party vendors could diagnose a fault.

    obviously  the files were encrypted, but the PM had written the password on a postit note and put it in the parcel and sent it first class unregistered post.

    the details on the files were photocopies of driving licences, bank details, addresses and photos from the casino.. including many high profile celebrities.

    needless to say, the disk got lost in the post. - it's not always malicious, but often incompetence that can cause a data breach

    MVDBA

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply