In looking at the news, I'm wondering if encryption would have prevented any of the known data breaches. I'm thinking of Equifax, Anthem, Target and Yahoo for starters. If one steals a database, they need to be able to steal the means to read it which would mean they have a computer compatible with the target company and the corresponding software. While dumps of tape files can give probable hits, if the record descriptions aren't available, there is at least some difficultly in guessing which fields are what. How did the thefts work and to what extent did the thieves appear to the system as valid users?
Are test systems, even with data masking applied to production data, of use to thieves? What are the risks of encryption? Loss of password or keys seems a noticeable risk as does compromise of same. Clark Morris ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
