Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Do You Deal With Sensitive Data?

Posted by ryuzaki0 on from the just-turn-off-db-access-for-everyone dept.

imus writes "Just wondering how most IT shops secure sensitive data (customer records). Most centrally managed databases seem to be monitored and maintained very well and IT workers know when they are tampered with or when unauthorized access occurs. But what about employees who do legitimate selects from these databases and then load CSV files and other text files onto their laptops and PDAs? How are companies dealing with situations where the database is relatively secure, but end-use devices contain bits and pieces of sensitive business data, and sometimes whole segments? Does anyone use sensitive data discovery software such as Find_SSNs or Senf or other tools? Once found, how do you deal with it? Do you force encryption, delete it or prevent extracts?"

1 of 226 comments (clear)

  1. Re:Once found, here's what you do by drinkypoo · · Score: 0, Troll

    The real reason you train everyone is so that there are no excuses. Everyone knows. However, you legally can't make it after work hours in many if not most states...

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"