Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Do You Deal With Sensitive Data?

Posted by ryuzaki0 on from the just-turn-off-db-access-for-everyone dept.

imus writes "Just wondering how most IT shops secure sensitive data (customer records). Most centrally managed databases seem to be monitored and maintained very well and IT workers know when they are tampered with or when unauthorized access occurs. But what about employees who do legitimate selects from these databases and then load CSV files and other text files onto their laptops and PDAs? How are companies dealing with situations where the database is relatively secure, but end-use devices contain bits and pieces of sensitive business data, and sometimes whole segments? Does anyone use sensitive data discovery software such as Find_SSNs or Senf or other tools? Once found, how do you deal with it? Do you force encryption, delete it or prevent extracts?"

3 of 226 comments (clear)

  1. Sensitive Data by cheebie · · Score: 5, Funny

    I try not to talk loudly around it, and make sure it's emotional needs are met.

  2. Our hospital records are strongly protected by Anonymous Coward · · Score: 5, Funny

    we use a robots.txt file and a strongly worded "keep out - private data" header on all important records

  3. Enforce Strict Naming Conventions by jaguth · · Score: 5, Funny

    I name all of my sensitive files, databases, tables, and fields with names that nobody would want to touch, such as "Smashing Pumpkins Discography DB", "tblPeeWeeHerman", "Oprah.txt", ect.

    And for storage, I burn them all to DVD and put them inside empty "Aerosmith" jewel cases. Keeps them nice and safe from prying eyes.