Data Breaches: More for the Ethical DBA to Think About

This definitely ties into two of my recent blog entries: The Ethical DBA? and Massive Data Sweep, albeit with a different twist. The basic truth that cannot be denied is that we are gathering more and more data and that data is constantly under attack.

But the attacks come in many forms. One type of attack is the one mentioned in the eWeek article: where an organization allows personal financial data to be surreptitiously accessed or stolen. Modern organizations are going to have to come up with better methods of protecting "their" data. And I place "their" in quotes because it is not really theirs, but ours (meaning, the customers of these companies). We share our data with them under the assumption that the organization will be a good custodian of that data. Often, this is a bad assumption. As such, more government regulations are in the works to enforce better data governance. This, I believe, is a good thing.

As data professionals, many of us are just cogs in the machinery. But we need to become cognizant cogs! By that I mean we need to become better informed about what our employer's are doing to protect data. Even further, we need to make sure that it is an acceptable use to which our employer's are putting that data.

If we don't do it, who will? Do you trust the government to get it right? What happens when it IS the government that is abusing data? This problem is not going away. Solutions, though, are slow coming. Especially when it involves something nebulous, like ethics and morals...

Added February 23, 2005:

If you are interested in reading about the many, many data breaches that have already happened and their consequences, I point you to this great compendium from Computerworld.