For a highly selective and sensitive database, something  like AIDS patients or voter records, address should be protected. Not only can it be used in conjunction with...

Now that's an interesting idea, Roger. Imagine we could easily store every address in an area, or maybe a whole host of fake addresses that we don't even link...

For a highly selective and sensitive database, something  like AIDS patients or voter records, address should be protected. Not only can it be used in conjunction with other public...

Except...

Microsoft's build quality has dropped significantly in the last few years, particularly with Windows monthly patches and their attempts at accelerating the update cadence. They're really not a good poster...

I have to disagree with the author. If you aren't paranoid about security/privacy (which converge in this matter) you aren't doing due diligence. Addresses being a case in point. I...

Monitoring is the wrong approach. Flat denial of privilege is the correct one. Why go to the pain and expense of tracking access, storing the data, having to analyze the...

Ok, there's lazy and then there's no-account. 🙂

Lazy is an asset. Lazy means you do the job once and in the process create a way to automate it so you...

You know what the excruciatingly missing piece to all this is?

Documentation. Not the BS that passes for documentation these days, I'm talking "For Dummies" level intro material that tells you,...

Of course, you could always take the brute force approach. 🙂

Create a table with all valid SSNs and set up a left join to it.

By today's...

The whole paradigm of security as currently envisioned is "not even wrong", the wonderful phrase by Dr. Pauli.

It should not be the job of company IT staff to...

You mean actually think things through before rushing to get code out the door?

What a revolutionary concept!

/snark

Concerning the ambiguous dates, the dd/mm/yyyy format ends to be common in Europe and a few other places. Does your table have some kind of geographical identifier? Or can you...

The first question that should be asked is, should you even have a data lake or data warehouse?

Harking back to the whole security issue, a data lake is...

When governments cannot properly secure their data, when mega-corporations cannot secure their data, that's a glaring neon sign saying we need to fraking stop trying to store sensitive data because...