An Enterprise Data Warehouse (EDW), according to California State University, is a collection of data that can be defined and shared across the whole enterprise along the lines of common dimensions to be used for analysis. While you are in the designing phase of an EDW, there are certain security and related functional requirements that needs to be considered.
Protect Information in Laptops
Very frequently, we hear news of stolen laptops that contains sensitive information which could potentially be anything from Personal Identifiable Information (PII) to corporate intellectual information. The latest being the news in Canada that a consultant for the Provincial Public Health Laboratory lost a laptop that includes names, Medical Care Plan numbers, age, sex, physician and test results for infectious diseases, including HIV and hepatitis.
Google to follow PIPEDA
Google announced today that it will follow the Canadian Privacy Law (PIPEDA) when it comes to Street View imaging. Canada’s privacy commissioner is happy and thinks Google and Calgary based Immersive Media is heading in the right direction. The commissioner is yet to hear the formal announcement from the both the companies.
Google Maps Streetview
Google is again on the news for privacy reasons. The Canadian Privacy Commissioner has raised concerns regarding the privacy of individuals captured in each and every photographs of streetwise. The resolution of the pictures is high enough to identify the individuals in the pictures.
Official (ISC)2 Guide – Review
Review of Official (ISC)2 Guide by Shaheen N Abdul Jabbar
Production Data as Test Data
In order to maintain high quality of code, a company needs to use production quality source data for development, unit test and QA functional test purposes. There could be situations when the company uses unscrambled production source data, which potentially exposes customer sensitive data. Customer sensitive data must be protected. Given that there is a correlation between the quality of test data and the quality of code delivered to production, all efforts should be made to minimize the disruption/distortion of test data, while satisfying the privacy concerns.
CISSP Preparation Resources
A list of resources for CISSP preparation