Monday, April 11, 2005

Getting to the root of ID theft problems

There is an article on ID theft causes that has a great summary of the fundamental factors in ID theft from entities entrusted with your private data: They can't steal data you don't have.

We have observed that some of the sensitive data that gets stolen fits into one of several categories:

  • Data that was never needed

  • Data that was needed but should never have been stored

  • Data that was originally needed but was kept far beyond its useful life

  • Data that should never have been stored in an unencrypted form

At some point, the question "Did you consider not having this data?" is going to become a standard part of lawsuits. If you're an IT manager, are you planning for that day?

I had actually included these questions in a decision tree for my corporate privacy strategy. Most people go right to "encrypt sensitive data" and don't back up and ask these more fundamental "behavioural" questions, which often a) are more effective at solving/eliminating the problems and b) have fewer drawbacks than simply "encrypt everything everywhere, but still store it".

I've seen the "encrypt everything everywhere" mantra effectively require "copies of encryption keys everywhere", which gives your corporation a false sense of security. "The data's encrypted", the executives say. However, if you cannot implement secure key management (you have to know that you need to do this, then have the knowledge to design the solution to be effective and manageable, then you have to be able to implement it across diverse groups who don't all understand cryptography...), then you effectively have the keys to decrypt the data right next to each of your excessive, unnecessary encrypted copies of that sensitive data.

Beware the buzzword-compliant solution!
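
A sketch of such a decision tree as code, run over a small data inventory. This is an added example, not the author's actual decision tree: the record fields, action names, host names and sample inventory are all constructed for illustration. The question order follows the four categories above, with a final check for a key stored beside the data it protects.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class Store:
    """One place a sensitive field is held (hypothetical inventory record)."""
    name: str
    needed: bool            # is the data used by any process at all?
    must_persist: bool      # must it be kept after it has been used?
    collected: date
    useful_life_days: int
    encrypted: bool
    host: str
    key_host: Optional[str] = None   # where the decryption key lives

def review(s: Store, today: date) -> str:
    """Ask the behavioural questions first; encryption comes last."""
    if not s.needed:
        return "stop-collecting"
    if not s.must_persist:
        return "use-and-discard"
    if today > s.collected + timedelta(days=s.useful_life_days):
        return "purge-expired"
    if not s.encrypted:
        return "encrypt"
    # Unknown key location is treated the same as a co-located key.
    if s.key_host is None or s.key_host == s.host:
        return "separate-key"   # key beside the ciphertext: encrypted in name only
    return "ok"

def plan(inventory, today):
    """Map each store name to the first action the tree reaches."""
    return {s.name: review(s, today) for s in inventory}

# Constructed sample inventory, dated to match the post.
TODAY = date(2005, 4, 11)
INVENTORY = [
    Store("marketing_ssn", False, True, date(2004, 6, 1), 365, False, "crm01"),
    Store("card_cvv", True, False, date(2005, 4, 1), 1, False, "web01"),
    Store("old_applications", True, True, date(2001, 1, 1), 365, True, "hr01", "kms01"),
    Store("payroll_bank", True, True, date(2005, 1, 1), 2555, False, "fin01"),
    Store("hr_backup", True, True, date(2005, 1, 1), 2555, True, "bak01", "bak01"),
    Store("hr_primary", True, True, date(2005, 1, 1), 2555, True, "db01", "kms01"),
]

if __name__ == "__main__":
    for name, action in plan(INVENTORY, TODAY).items():
        print(f"{name:18} {action}")
```

Note that `old_applications` is purged rather than passed, even though it is encrypted with a separately held key: the earlier questions win over encryption status.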
