Automatic Redaction of PII

  • Comments posted to this topic are about the item Automatic Redaction of PII

  • Steve,

    While I do like the article that you wrote, I would like to point out that you never defined PII ( Personally identifiable information ) in it.  I am sure that there were many people who read it, but at the end still did not know what PII was.

    Mark

     

     

  • Hi Steve,

     

    I am confused by this point :

    " I find less and less resistance from developers about using sensitive production data in development environments, but still too much."

    Are you saying you want sensitive data to be less secure?

    Kind regards,

    Jack

  • Customer centric database records, documents, and audio transcripts are just the tip of the iceberg - GDPR also regulates CCTV footage.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Mark Moss wrote:

    Steve,

    While I do like the article that you wrote, I would like to point out that you never defined PII ( Personally identifiable information ) in it.  I am sure that there were many people who read it, but at the end still did not know what PII was.

    Mark

    Good point. I made a poor assumption here. I'll correct that.

  • jackExceedra wrote:

    Hi Steve,

    I am confused by this point :

    " I find less and less resistance from developers about using sensitive production data in development environments, but still too much."

    Are you saying you want sensitive data to be less secure?

    Kind regards,

    Jack

     

    Poorly worded. I've had many developers (customers and non-customers) that resist doing anything about PII data in non-prod environments, meaning, they use data freely even though there are less protections and security in development and test environments.

    Slowly I find developers getting better and wanting to use obfuscated, sanitizied or generated data, but still the majority don't feel this is an attack vector they worry about. This despite so many cases of these less secure environments being attacked.

     

  • Okay, I get what you're saying now, that makes more sense

  • Interesting idea, but my guess is that Amazon is keeping a lot more PII (especially if one extends the PII concept to potentially sensitive audio conversations) than it is helping to protect. Really it all depends on how much they stand to profit from one approach vs the other.

     

    -- webrunner

    -------------------
    A SQL query walks into a bar and sees two tables. He walks up to them and asks, "Can I join you?"
    Ref.: http://tkyte.blogspot.com/2009/02/sql-joke.html

Viewing 8 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic. Login to reply