Oy vey – Poor Security Habits Highlighted Again
The March 2011 issues of Database Trends and Application has an article that highlights the results of a new survey of DBAs and DBA Managers that reveals complacency results in lax oversight of sensitive information. You can read the article here. While every aspect of the research finding is is disturbing what I found most disturbing is the amount of real “production” data that is used outside of production systems.
I find this so disturbing because it means the likelihood that my personal information is living in development and test systems is pretty high. Data obfuscation techniques have been around for a long time. I did a Bing search on “SQL Server data obfuscation”, the first result back is this article by John Magnabosco. It’s a good article that explains how you can build your own data obfuscation capabilities so data can be safely moved outside the production environment. At the end of the article he mentions a product from Red Gate called SQL Data Generator. I haven’t used this product but Red Gate offers a free trial and a single user license is under $300 (according to their web site).
There are a lot of DBAs out there who take their craft and their role as data steward very seriously. They implement strict standards for access production data and handling of production data. Then there are those who don’t, either because they don’t their craft seriously or because they don’t know any better. These are the DBAs who need training, coaching and mentoring. Which type of DBA are you?
Remember, your personal data is under the management of both types of DBAs!