hipaa » Musings on Database Security

Monday, May 14th, 2007

Compliance and the Illusion of Security

Recent opinions about PCI-DSS and whether it should or should not be softened made me think of a wider issue I often come across: The illusory equivalence of regulatory compliance with “security”.
I would therefore like to try and argue that compliance cannot equate security, and it never will. The reasons for this are inherent to [...]

3 Comments » - Posted in compliance, security by Slavik

Tags
bind_variables breach breach-notification compliance conference database-monitoring database-security database_security DBA educational_institutions hedgehog hipaa insider threat insider_threat intrusion monitoring MS SQL Server off-topic Oracle oracle_database_security oracle_security patching PCI Personal personally_identifiable_information pii presentation privacy regulatory-compliance sarbanes-oxley sb1386 security segregation_of_duties social_security_numbers SQL injection sql_injection technical technical tips TJX ukoug universities user identity visa vulnerability webcast
Categories
- breach
- compliance
- credit cards
- DBA
- encryption
- insider threat
- Java
- monitoring
- MS SQL Server
- Oracle
- OUG
- patching
- PCI
- Personal
- privacy
- sb1386
- security
- SQL injection
- technical tips
- TJX
- Uncategorized
- universities
- user identity
Blogroll
Meta
August 2008

M T W T F S S

« Jun

1 2 3

4 5 6 7 8 9 10

11 12 13 14 15 16 17

18 19 20 21 22 23 24

25 26 27 28 29 30 31

August 2008
M	T	W	T	F	S	S
« Jun
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Musings on Database Security

Monday, May 14th, 2007

Compliance and the Illusion of Security

3 Comments » - Posted in compliance, security by Slavik

Tags

Categories

Blogroll

Meta