AboutSitemap

Avoid storing personal information

Avoid storing anything

There is a simple way to comply with GDPR: don't store data. This looks like an impossible task, but it isn't. Well, most of it isn't. We can avoid storing riskful data, or at least make retrieving it controllable and as such minimise the risk.

Before starting to protect your data, please consider not storing it. Most web-shops support order and delivery without registering and throw away personal data after delivery is complete. The marketing dweebs will tell you that this is a silly idea. I will tell you that storing personal data comes at a cost, a cost possibly larger than the marketing department can justify.

How do we leak data?

Just lost it

In order to live our lives, we access data, store it, share it and keep it safe. For accessing it we use user credentials, for storing we use some kind of copying mechanism. Sharing means handing out USB sticks or e-mailing attachments. Keeping it safe is, eh, how do we do that?

The following happens all the time:

  • loss of user credentials.
  • store temporarily for crossing secured boundaries.
  • forgetting to delete temporary stored items.
  • store files permanently on laptops/phones.
  • use the same user credentials for many services.
  • loss of computer equipment.

If you don't have anything riskful, all of tbe above don't matter. Most employees can do their job without having access to riskful data.

Just gave it away

Criminals may lure you into giving your data away. If there is riskful data in there, the impact may be big. If you don't have any, there is no harm done.

I protected it with anything we've got, but it still came out

Criminals may be able to work around your protective measures. In the end there will be riskful data stored somewhere, in the end, criminals will be able to acccess it and put it to their use.

Even if you've survived an ISO27001 audit, this may still happen to you company. In case you are responsible for data security, please do the best you can and never give up security in favour of full access to others.

In case you're into data governance, you'd better have the audit trail ready based on hidden signatures present in the leaked data.

Leaks

Hardly anyone with good intentions wants to leak data. A big chunk of leaked passwords, credit cards, account information and e-mails is leaked via intermediate storage and third parties having access to it.

Users of computer infrastructure tend to copy files for the purpose of accessing them. These copies end up on:

  • notebooks
  • temporary ftp-accounts
  • any cloud provider's virtual disk drive
  • a removable disk or USB stick
  • an e-mail

Notebooks can be stolen, accounts, especially those with username/password protection, can be accessed by others. Removable media end up

It's a solved problem

In case you don't use data which sits in files, you are lucky. Just use this data via web-applications accessible only via a VPN using two-factor authentication and you've avoided most risks with regards to riskful data. Just remember to lock your screen when you walk away from your computer.

For files, better call them reports, things are not that easy, but this is a solved problem too.

For any file-sharing, use cloud-storage located on your own IT environment using your own VPN. The file-sharing product should implement data-expiration with automatic policies and event-driven expiration. No expiration should go beyond one or two months. If any employee needs data longer than that, invent a web-application for it, accessible only via your own VPN.

Nextcloud will do the file-service with expiration for you. OpenVPN allows a VPN implementing a personal firewall/IDS for every logged on user.

About this title

The first four or five titles were written in some kind of rage after visiting the Big Data Expo, Utrecht 2017. I then knew about GDPR and had implemented various mechanisms to avoid running risks. The commercial heavy lifting on that expo was terrible. People should be informed about GDPR without FUD.