Comment So what is the answer? (Score 2, Insightful) 289
So what is the answer? Consider the following:
- An application requires that the user be able to process personal data about clients.
- The Social Security Number and other "sensitive" data is required by the US government.
- The application must work across a wide geographical area. The application is on PCs that, although locked up in buildings, could be stolen.
- Regardless of connectivity, the data application must perform all functions and access all historical records of the client. So it must have some sort of local cache to enable work when connectivity is not available. (Yes, there are many places where reliable high-speed network access is not available.)
- Data is reported periodically for aggregation by encrypted synchronization to a central repository.
Considering this, what does one do?
What local cache of the data could you possibly use and how would you secure it?
If someone steals the PC, how would they NOT be able to get into it? And how do I secure hundreds of PCs spread over hundreds of miles that are not connected to a single network?
If I encrypt individual fields in the local database, how do I know when I have done enough of them?
For that matter, what if someone steals the entire central database repository? How would it be possible to guarantee they can't get it?
I'm dealing with shades of gray - when is the gray dark enough?