------------------------------------<snip>---------------------------------
You might consider this: "age" your data.
We allowed testing with production data that was at least 3 weeks old.
In our business, after 2 days, the data was useless, even to a malicious
attacker, so we let it age three weeks, then allowed app. staff to use
it for test purposes.

Interesting, but doesn't much help solve a production problem that happened at
2am today.
Plus the account numbers, personal identifiers (Tax ID et al), etc. most likely
won't have changed in three weeks...
-----------------------------------<unsnip>---------------------------------
The only thing in our data was a hashed key to a separate database with
that info. And our apps folks were not allowed access to that database,
under ANY circumstances. Attempts to access it were usually met with
disciplinary action, either as mild as a friendly reminder, or as strong
as immediate termination, depending on the offender's prior record
vis-a-vis security issues.

At initial processing, the DB is accessed for
account status, after which only the hashed key is allowed in the data
records for all intermediate processing, up to the final creation of
electronic statements. When the user logs in to get his statement, his
logon data is used to get the account verified, then the hashed key is
used to assure that he gets his, and ONLY his, statement.

Anyone working
on a test version of a program, or a new set of applications, was
required to use a TEST database, with names like AAAAAAA B. CCCCCCCC and
account/tax id numbers like 12345678, or 999911110. And programs were
required to reject anything that didn't appear in the appropriate
database.

Our databases were all IDMS hierarchical except the Accounts
file, which was a straight VSAM cluster (KSDS) with alternate indices
for LOGON ID and account number.

We were in the Futures industry, where knowledge of a competitor's
position on a minute-by-minute basis could result in grave damage
through malicious actions on the trading floor.
Rick
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
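
The flow described in the post above (accounts file touched only at initial processing, hashed key everywhere after, statement lookup by logon), sketched as an added example that is not part of the original message or the poster's system. The HMAC-SHA256 keyed hash, the key, the record layout and all function names are assumptions; the sample data is constructed.

```python
import hashlib
import hmac

# Assumption: a secret held only by the accounts service. The post says
# "hashed key" without naming the hash; HMAC-SHA256 is this example's choice.
TOKEN_KEY = b"constructed-demo-key"

# Constructed stand-in for the restricted accounts file, with test-style values.
ACCOUNTS = {
    "12345678": {"logon_id": "AAAAAAA", "status": "ACTIVE"},
    "999911110": {"logon_id": "CCCCCCCC", "status": "ACTIVE"},
}
# Mirrors the alternate index on LOGON ID.
LOGON_INDEX = {acct["logon_id"]: no for no, acct in ACCOUNTS.items()}

# Constructed feed; the last record's account is not in the accounts file.
RAW_FEED = [
    {"account_no": "12345678", "position": "LONG 5"},
    {"account_no": "999911110", "position": "SHORT 2"},
    {"account_no": "55555555", "position": "LONG 1"},
]

def hashed_key(account_no):
    """Keyed hash, so an 8 or 9 digit number cannot be matched by hashing every candidate."""
    return hmac.new(TOKEN_KEY, account_no.encode(), hashlib.sha256).hexdigest()

def initial_processing(raw_records):
    """Only step that reads the accounts file: check status, swap in the hashed key."""
    out = []
    for rec in raw_records:
        acct = ACCOUNTS.get(rec["account_no"])
        if acct is None or acct["status"] != "ACTIVE":
            continue  # reject anything not in the appropriate database
        out.append({"key": hashed_key(rec["account_no"]), "position": rec["position"]})
    return out

def build_statements(records):
    """Intermediate processing sees hashed keys only, never account numbers."""
    statements = {}
    for rec in records:
        statements.setdefault(rec["key"], []).append(rec["position"])
    return statements

def fetch_statement(logon_id, statements):
    """Verify the logon against the accounts file, then look up by recomputed key."""
    account_no = LOGON_INDEX.get(logon_id)
    if account_no is None or ACCOUNTS[account_no]["status"] != "ACTIVE":
        raise PermissionError("logon not verified")
    return statements.get(hashed_key(account_no), [])
```
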