January 16, 2018 at 9:06 pm
Comments posted to this topic are about the item It's Not Yours
January 17, 2018 at 2:25 am
I divide the scripts that I write into 2 categories.
• Anything that has business data in it, stays strictly within the company.
• Template-scripts that are often used for the first category *and* that have no business-specific data or fields from user-databases within.
An example of the second category is a series of scripts used to create transactional replication across 2+ servers. Any business-specific data is to be defined at the beginning in variables, which are left empty in the template. They are the sort of scripts that I should really upload to this site.
Another is the script I use every morning to check backups, failed jobs etc.
I have no problem taking these scripts home with me or bringing from one employer to another.
It is true that they were written on company time. On the other hand, the time I spending learning for my various MCP exams, which helped me write these scripts was done on my own time and I see it as a win-win for both me and the company.
January 17, 2018 at 3:17 am
Sean Redmond - Wednesday, January 17, 2018 2:25 AMI divide the scripts that I write into 2 categories.
• Anything that has business data in it, stays strictly within the company.
• Template-scripts that are often used for the first category *and* that have no business-specific data or fields from user-databases within.An example of the second category is a series of scripts used to create transactional replication across 2+ servers. Any business-specific data is to be defined at the beginning in variables, which are left empty in the template. They are the sort of scripts that I should really upload to this site.
Another is the script I use every morning to check backups, failed jobs etc.I have no problem taking these scripts home with me or bringing from one employer to another.
It is true that they were written on company time. On the other hand, the time I spending learning for my various MCP exams, which helped me write these scripts was done on my own time and I see it as a win-win for both me and the company.
Scripts and code are a different issue from data IMO. Normally the former is - well, not exactly fair game, but who's to say you haven't replicated it? In my experience it's not directly useful from one company to the next, but you normally like to remember particularly well crafted examples of this and that. Data on the other hand - I would never even consider taking that sort of thing.
January 17, 2018 at 6:52 am
I would think backing up classified information onto someone else's laptop would also be a no-no.
...
-- FORTRAN manual for Xerox Computers --
January 17, 2018 at 6:56 am
The title of this article is "Its not yours". While I definitely agree with that, I'm the DBA for the company I work for. That means that I'm charged with both the safety of the data and making it available to the right people and only the right people. The data is actually mine because I have to guard it and only distribute it to the right people as if my job depends on it... and it does.
--Jeff Moden
Change is inevitable... Change for the better is not.
January 17, 2018 at 7:35 am
We provide analytics for our clients and they provide us with a full copy of their data. I have a login to the client’s CRM. There is a URL field in the export that they provide and when they first created the schema there were no constraints on that field and about 6 of those records has multiple URLs separated by a comma. Since the only export method they offered was a CSV the comma in the URL was causing the import to fail. Later they added constraints to make sure the URL was valid and only contained one record. I decided to “correct” the data figure out which was the best URL and change it in their system. The third URL that I hit infected my machine with malware (even though I have virus protection and current windows updates). That is what I get for over stepping my boundaries!
January 17, 2018 at 7:48 am
Sean Redmond - Wednesday, January 17, 2018 2:25 AMI have no problem taking these scripts home with me or bringing from one employer to another.
It is true that they were written on company time. On the other hand, the time I spending learning for my various MCP exams, which helped me write these scripts was done on my own time and I see it as a win-win for both me and the company.
Usually no one does, and certainly they want you to bring those when you come to the employer. However, I'd get permission or at least let the boss know. Never had an issue with this.
January 17, 2018 at 8:09 am
Jeff Moden - Wednesday, January 17, 2018 6:56 AMThe title of this article is "Its not yours". While I definitely agree with that, I'm the DBA for the company I work for. That means that I'm charged with both the safety of the data and making it available to the right people and only the right people. The data is actually mine because I have to guard it and only distribute it to the right people as if my job depends on it... and it does.
Still not sure the data is yours. It's your responsibility and you have accountability for doing your job, but you implement someone else's rules for managing the data and authorizing users.
January 17, 2018 at 8:27 am
... A contractor just pleaded guilty to stealing classified information from the US National Security Agency, about 50GB worth of data. This isn't a case of spying or malicious intent. Instead, the report is that the employee was a hoarder, just keeping copies of data for some unknown reason. Hopefully that's true ...
If you follow the link the news stories cite 50 (TB) not 50GB.
With a dataset that large, it makes one wonder which NSA database he downloaded. Maybe this guy was wanting to spin up his own implementation of a domestic surveillance program in his basement using a make shift Hadoop cluster.
Whether this is considered theft should be based on how many security controls he had to bypass in order to download that much data. Did he login using a privileged account? Did he siphon off a little at a time in an effort to avoid detection? Does the NSA have so much spare network bandwidth that a 50 TB dump wasn't noticed while in process?
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
January 17, 2018 at 8:32 am
Jeff Moden - Wednesday, January 17, 2018 6:56 AMThe title of this article is "Its not yours". While I definitely agree with that, I'm the DBA for the company I work for. That means that I'm charged with both the safety of the data and making it available to the right people and only the right people. The data is actually mine because I have to guard it and only distribute it to the right people as if my job depends on it... and it does.
I don't understand how this grants you possession of this data. Can you take it home and subsequently erase it from the company's computers?
January 17, 2018 at 9:28 am
patrickmcginnis59 10839 - Wednesday, January 17, 2018 8:32 AMJeff Moden - Wednesday, January 17, 2018 6:56 AMThe title of this article is "Its not yours". While I definitely agree with that, I'm the DBA for the company I work for. That means that I'm charged with both the safety of the data and making it available to the right people and only the right people. The data is actually mine because I have to guard it and only distribute it to the right people as if my job depends on it... and it does.I don't understand how this grants you possession of this data. Can you take it home and subsequently erase it from the company's computers?
Of course not. But I have been charged with protecting it. That means that I "own" it, probably not in the way you're thinking, though.
--Jeff Moden
Change is inevitable... Change for the better is not.
January 17, 2018 at 9:33 am
Steve Jones - SSC Editor - Wednesday, January 17, 2018 8:09 AMJeff Moden - Wednesday, January 17, 2018 6:56 AMThe title of this article is "Its not yours". While I definitely agree with that, I'm the DBA for the company I work for. That means that I'm charged with both the safety of the data and making it available to the right people and only the right people. The data is actually mine because I have to guard it and only distribute it to the right people as if my job depends on it... and it does.Still not sure the data is yours. It's your responsibility and you have accountability for doing your job, but you implement someone else's rules for managing the data and authorizing users.
Of course the data isn't actually mine to do with as I please. When I say "it's mine", I've been charged with protecting it. I also protect it against "someone else's rules" if those "rules" aren't within the rules I've been asked to enforce as a part of my job. In other words, I'll tell the CEO or even the parent company "NO" if something doesn't seem right with a given request until I can verify that the request is real and follows the rules. It's been a question that you have asked many a time in your editorials. And, yes... I also follow the rules.
--Jeff Moden
Change is inevitable... Change for the better is not.
January 17, 2018 at 10:38 am
I don't think he's a "hoarder", I just think he hadn't figured out how to sell it yet. I bet it was his retirement plan. :Wow:
January 17, 2018 at 10:59 am
Probably better to delineate the true owner of the data "de jure" is the organization who employs you. A DBA might feel they are a "de facto" owner within the organization. Both are correct but different. Insider threats are real and a big problem. Most organizations don't have the capabilities to monitor their file systems and unstructured human generated data. They don't know where it is, who owns it, or the permissions history for the ACL. It is a big modern problem for us to solve.
January 17, 2018 at 12:02 pm
Eric M Russell - Wednesday, January 17, 2018 8:27 AM... A contractor just pleaded guilty to stealing classified information from the US National Security Agency, about 50GB worth of data. This isn't a case of spying or malicious intent. Instead, the report is that the employee was a hoarder, just keeping copies of data for some unknown reason. Hopefully that's true ...
If you follow the link the news stories cite 50 (TB) not 50GB.
With a dataset that large, it makes one wonder which NSA database he downloaded. Maybe this guy was wanting to spin up his own implementation of a domestic surveillance program in his basement using a make shift Hadoop cluster.
Whether this is considered theft should be based on how many security controls he had to bypass in order to download that much data. Did he login using a privileged account? Did he siphon off a little at a time in an effort to avoid detection? Does the NSA have so much spare network bandwidth that a 50 TB dump wasn't noticed while in process?
(Note, I didn't read the source article)
If this is the guy I think it is, that I had heard about last year, it wasn't a database he took home, it was actual physical documents and disks in bankers boxes sitting on the back seat of his car...
Which also led to some people wondering how he managed to get these out to his car without being stopped, and out the gate without being stopped.
Viewing 15 posts - 1 through 15 (of 24 total)
You must be logged in to reply to this topic. Login to reply