How Do You Deal With Sensitive Data?

imus writes "Just wondering how most IT shops secure sensitive data (customer records). Most centrally managed databases seem to be monitored and maintained very well and IT workers know when they are tampered with or when unauthorized access occurs. But what about employees who do legitimate selects from these databases and then load CSV files and other text files onto their laptops and PDAs? How are companies dealing with situations where the database is relatively secure, but end-use devices contain bits and pieces of sensitive business data, and sometimes whole segments? Does anyone use sensitive data discovery software such as Find_SSNs or Senf or other tools? Once found, how do you deal with it? Do you force encryption, delete it or prevent extracts?"

Re:Easy

[QuantumRiff]

Try having well written, very clear policies that that kind of action is forbiden. Of course, a piece of paper means crap to most employees, but the first time you fire someone for violating that policy, the grapevine and water cooler will provide more training than a dozen hour long meetings could convey..

12345

[lazycam]

The strength of your encryption means nothing in the face of a user who insists on using their birthday as a password or keep a post-it on their computer monitor. Unless you are able to force individuals to use strong or randomly generated passwords you are at a loss. In the end, human behavior will circumvent our best security.

Um

[Mateo_LeFou]

Isn't the point of GP that when you pay the proper amount, you can often count on -- gasp -- *competent people coming to work.

Legitimate selects?

[MartinG]

What about employees who do legitimate selects from these databases and then load CSV files and other text files onto their laptops and PDAs?

What kind of employee? General users shouldn't be doing selects directly anyway, but should be using software that limits what they can query to the minimum information they need, preferably not in a general purpose form like csv. On the other hand the developers of that software need to do all and any kinds of selects for a whole range of reasons. They however, should not be let anywhere near the actual production databases.

This is how we do it anyway.

Re:Policies

[aztracker1]

Personally, I can't see *ANY* instance where a full set of SSNs for more than a handful of people should *EVER* be needed on a laptop... I mean, if you are entering data, sure... but WTF should anyone be carrying around some of the information that gets leaked.

I think *IF* such information is needed for lookups, then a 1-way hash is a necessity. If you aren't responsible for dispatching to customer locations on a weekend, then you shouldn't need street addresses. I can see needing some information for customers, but SSNs, or CC data should *NEVER* be on anything outside of the office, or a backup storage facility.

It's that simple. No SSNs leave the office... No CC information leaves the office... no street addresses leave the office, unless absolutely necessary.

I've seen smaller companies that have the entire database in the "on call" laptop, that gets copied from the server friday, and to the server monday.. I shudder every time I think about it...

Re:Easy

[techno-vampire]

Try having well written, very clear policies that that kind of action is forbiden.

It's all well and good having policies like that, but if your employees either don't know about them or can plausibly claim they don't know, they won't do any good. Every employee who has, or even might have access to sensitive data should be required to sign a copy of that policy and it should be part of their records. That way, if anything happens, they won't be able to pretend they didn't know they were violating company policy. Depending on local laws, this might help you avoid (or defend) a suit for wrongful termination.

Re:Easy

[syousef]

but the first time you fire someone for violating that policy

Another one that thinks the solution is to fire employees, and gets modded insightful. You know what I get the impression that most slashdotters would make piss poor bosses. Firing employees randomly when they violate a policy to set an example isn't exactly smart.

Do you know what it costs to hire an employee, and get them up to speed doing their job well? Never mind the fact that the next person you hire to fill the roll might be a dud, or that the job market may mean the position goes unfilled for quite some time. Do you know what it does to morale? That gossip around the water cooler gets people updating resumes and looking for work elsewhere before they're fired for some other petty reason to set an example. Then there's the legal aspect - if you're wanting to avoid unfair dismissal claims providing clear guidelines is just one step - you have to show that the on the spot firing was justified. Then there's the human aspect - unless you're a soul-less piece of shit that cares not a jot about destroying a family's livelihood you may want to look for actions that don't leave people jobless.