- TalkBack 5 of 6:
- Next »
- « Previous
- Thread View
- Flat View
- Sequential numbers are not the real problem
-
The real problem is that someone unauthorized could access the data at all.
If as a customer has a login which gives them total access to a database, this is where the security issue lies. A customers login should only give them access to the records in a database to which they have legitimate interest and no other. In this case sequential random or the names of the of the employees will have no more significance other than a way to access the records a client is entitled.
Relying on random numbers to secure data is no less foolish than sequential numbers. Even a simple script running a sequal number counter could access in time every record in the database no matter howmany didgits you use.
You have to put the security on the data not just the database. A smart programmer may also put in triggers which sound an alarm when someone attempts to access data outside of what they are entitled.
This case was clearly a disaster waiting to happen. I think the company has been fortunate that it wasn't discovered from an investigation of identity fraud. Maybe it's not a federal law just to be notified but a federal law making anyone who holds data on individuals and organizations responsible for that data, thay they must attempt to clearup any damage caused as a consequence and compensate the person or organization for any consequential losses.
No that would be a law with teeth, it's enforcable because the organization isn't going anywhere and if they allow data to be stolen they are at fault. That should make a great improvement in reducing identity theft. - Posted by: agottschald Posted on: 03/22/05 You are currently: a Guest | Members login | Terms of Use
Simple security
vasanthm | 02/24/05
|
|
I guess they don't test software in India
BXLE | 02/24/05
|
 
I didn't see India in the text of the article.
agottschald | 03/22/05
|
|
Very poor website planning
Ironiclife | 02/24/05
|
Sequential numbers are not the real problem
agottschald | 03/22/05
|
|
I guess No one will read my postings
agottschald | 03/22/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- Can your business work smarter? Learn more about Lotus Symphony
- Learn how to work smarter and optimize cost using the IBM Smart SOA approach Download the eBook
- Smarter ways to make smarter products Read the brief from IBM
