No announcement yet.

Database Security

  • Filter
  • Time
  • Show
Clear All
new posts

  • Database Security

    Posting here as there is no DB Sec channel.

    $sidejob involves dealing with electronic personal health data (ePHI). I'm trying to find the best way to secure that data, so that if there is a breach and data is taken, PHI can't be matched up with personally identifiable information (PII).splitting the schemas, encrypting separately, and controlling the roles of who can access what so very little can access both has been my strategy. Is there a better way to go about this? Are there any solid DB security resources anyone knows?

    Also interested in logging around DBs, and if anyone has any reference to DB logging and SIEM rule sets, that would be appreciated.