Quasi-identifiers, or indirect identifiers, are personal attributes that are true about, but not necessarily unique, to an individual. Examples are one’s age or date of birth, race, salary, educational attainment, occupation, marital status and zip code.
According to Simson L. Garfinkel at the NIST Information Access Division’s Information Technology Laboratory,
De-identification is not a single technique, but a collection of approaches, algorithms, and tools that can be applied to different kinds of data with differing levels of effectiveness.
According to Trent Henry of the Burton Group,
Data protection needs to take into account both internal and external threats, including those against critical database and application resources.
Database Test Data Usage – This blog caught my eye because of its title, Do the right thing when testing with production data. It struck me as oxymoronic, since we know production data should not be used for testing at all …
Of course we know how tempting it is to use production data for testing applications, simulating databases, prototyping ETL operations, and just about anything else that needs to work with the real thing.
Encryption key management is one of the most important “basics” for an organization dealing with security and privacy protection. Major data losses and regulatory compliance requirements have prompted a dramatic increase in the use of encryption within corporate data centers.