Most of us know about the principle of least privilege. After I wrote about network segmentation recently, I’d hope that most of us know that limiting access to production data from all workstations might also be a good idea. Many of us also know that unusual patterns of access might indicate an issue. I wonder how many of us have a system in place to look for unusual access, especially this is something that might help us prevent, or at least detect, potential hacking activities.
I wonder if we’ll get to the point where we need to do more and not only implement better auditing of system, but also data access. Will we need to actually monitor what data is accessed and ensure there is a valid need to do so? That was probably needed in this case, where various employees accessed a woman’s DMV data for who knows what purposes. This is a creepy story, and I’d hope that it’s the rare man that actually does this in any company, for any kind of data.
As a general recommendation: please don’t spy on someone that you want to date. It’s very much an invasion of privacy and no way to develop a relationship with anyone.
There were logs of access in this case, which isn’t the case in some states, but there should be more logging of access. The default “black box” trace in SQL Server doesn’t give us much information, though if you have a monitoring system in place, you likely do get more data. The logs of who and what are important, and they are something I’d like to see built into SQL Server by default, an easy way to log activity, with some archival/management of the data.
Too many of us don’t log anything, and maybe it’s not important for some applications, but in the cases where sensitive data is stored, I think logging ought to be required, and I’m hoping GDPR 2.0 or other laws mandate this, perhaps with some retention of a year. I know I’d certainly like to see this built into more applications.
The way we handle personal information has been poor for most of the digital age, and I would like to see that changed in a number of ways. I think requiring compliance against a standard might be the best way, though without specifying an implementation. This way we accept the responsibility of safeguarding data that we already should feel.
Listen to the podcast at Libsyn