Personal data on tens of millions of veterans was compromised. It was on
a laptop that was stolen. Why wasn't the data encrypted? Methinks the
time has come for dbisam to shout to the US government the power and
ease of encrypted databases!

Sanford,

<< Personal data on tens of millions of veterans was compromised. It was on
a laptop that was stolen. Why wasn't the data encrypted? Methinks the time
has come for dbisam to shout to the US government the power and ease of
encrypted databases! >>

 Actually, I think that the US government has rules that state that
certain laptops/computers must always be "locked down" and secured.  They
probably just didn't include this laptop in the bunch, and most likely
because they don't feel that the privacy of citizens is a particularly vital
issue.

--
Tim Young
Elevate Software
www.elevatesoft.com

"Tim Young [Elevate Software]" wrote:

> Sanford,
>
> << Personal data on tens of millions of veterans was compromised. It was on
> a laptop that was stolen. Why wasn't the data encrypted? Methinks the time
> has come for dbisam to shout to the US government the power and ease of
> encrypted databases! >>
>
>  Actually, I think that the US government has rules that state that
> certain laptops/computers must always be "locked down" and secured.  They
> probably just didn't include this laptop in the bunch, and most likely
> because they don't feel that the privacy of citizens is a particularly vital
> issue.
>
> --
> Tim Young
> Elevate Software
> www.elevatesoft.com

My point is that all databases should normally be encrypted. It is so easy to
do, that it should be default. This is the case with dbisam.

Tim Young [Elevate Software] wrote:

>  Actually, I think that the US government has rules that state
> that certain laptops/computers must always be "locked down" and
> secured.  They probably just didn't include this laptop in the bunch,
> and most likely because they don't feel that the privacy of citizens
> is a particularly vital issue.

And most likly the data was encrypted.. but when you have the whole
computer, rather then just the data, it is quite likely that it also
includes the application to read the data.

Sanford Aranoff wrote:

>
> My point is that all databases should normally be encrypted. It is so
> easy to do, that it should be default. This is the case with dbisam.


I bet it was encrypted... but it is quite possible that the machine
that was stolen also had an application to read the data.  All the
encryption in the world is not going to protect the data if you can get
into an application that reads it.  That is why the app and data should
not be on the same machine when dealing with sensitive data.  In any
case, according to what I have read, there is no indication that the
thieves knew what they had or how to access the data.  In fact the
media is so fast to jump on half-facts these days it might even be
possible that all they got was a bunch of ecnrypted data with no way to
read it.

Sanford,

<< My point is that all databases should normally be encrypted. It is so
easy to do, that it should be default. This is the case with dbisam. >>

As David pointed out, that doesn't always keep things 100% secure either.

--
Tim Young
Elevate Software
www.elevatesoft.com

David,

<< And most likly the data was encrypted.. but when you have the whole
computer, rather then just the data, it is quite likely that it also
includes the application to read the data. >>

Yes, but what I meant by "locked down" is that they're not usable without
the proper card or bio ID, or basically not accessible at all without going
through multiple layers of physical security.

--
Tim Young
Elevate Software
www.elevatesoft.com