fmstrat to [email protected]English • 4 months ago2.9 billion hit in one of the largest data breaches ever — full names, addresses and SSNs exposedwww.tomsguide.commessage-square142fedilinkarrow-up1522
arrow-up1522external-link2.9 billion hit in one of the largest data breaches ever — full names, addresses and SSNs exposedwww.tomsguide.comfmstrat to [email protected]English • 4 months agomessage-square142fedilink
minus-square@[email protected]linkfedilinkEnglish17•4 months agoPII data at rest (i.e. in a database) must be encrypted.
minus-squarefmstratOPlinkfedilinkEnglish3•4 months agoIf the DB is running, it’s not at rest. Clients side encrypted data would be the way.
minus-square@[email protected]linkfedilinkEnglish1•4 months agoI think my definition is pretty standard: https://en.m.wikipedia.org/wiki/Data_at_rest
minus-squarefmstratOPlinkfedilinkEnglish1•4 months agoThe catch is interpretation, which the wiki points out: “Inactive data” could be taken to mean data which may change, but infrequently. Any company like this one would consider this data “in use” but “inactive” because any person could need a loan at any point.
PII data at rest (i.e. in a database) must be encrypted.
If the DB is running, it’s not at rest. Clients side encrypted data would be the way.
I think my definition is pretty standard: https://en.m.wikipedia.org/wiki/Data_at_rest
The catch is interpretation, which the wiki points out:
Any company like this one would consider this data “in use” but “inactive” because any person could need a loan at any point.