Wednesday, December 6, 2017

There's no such thing as too big to fail for databases

found on FRSecure

Not to long ago I tweeted:
That which is collected will eventually be breached
Large breaches like the one at Equifax prove this point in spades, but it really goes for anything. We can't stop all the breaches, so eventually one is going to succeed and the data we (whoever we happens to be) have collected will be released.

The best way to deal with this is to not collect sensitive data in the first place. The second best way is to not keep it for very long. The more data you have the bigger a deal such a breach becomes, so while some banks may be too big to fail it's actually the opposite that holds true for databases.