Noticing Data Misuse
Everyone seems to be looking at their databases for personal information leakages.
Tax liens, mortgage papers, deeds, and other real estate-related documents are publicly available in on-line databases run by registries of deeds across the state. The Globe found documents in free databases of all but three Massachusetts counties containing the names and Social Security numbers of Massachusetts residents….
Although registers of deeds said that they are unaware of cases in which criminals used information from their databases maliciously, the information contained in the documents would be more than enough to steal an identity and open new lines of credit….
Isn’t that part of the problem, though? It’s easy to say “we haven’t seen any cases of fraud using our information,” because there’s rarely a way to tell where information comes from. The recent epidemic of public leaks comes from people noticing the leak process, not the effects of the leaks. So everyone thinks their data practices are good, because there have never been any documented abuses stemming from leaks of their data, and everyone is fooling themselves.
Davi Ottenheimer • July 5, 2005 10:46 AM
Too true. False negatives can be far worse than false positives. This is one of the main issues with “honey pot” strategies.
Unfortunately (to abuse an analogy) achieving anomaly-detection in a complex environment implies a level of forestry wisdom that is virtually impossible. Most have just realized that those little distributed IT saplings they planted are now huge overgrown trees. Very few are poised to synthesize the mountains of application and system log data and analyze it to find unauthorized access.
Moreover, I have found very few administrators encouraged to achieve true proficiency in system availability with regard to behavior monitoring and reporting. Intense pressure from management usually favors rapid and disruptive change that brings new functionality to bear on a schedule completely divorced from even a simple risk management lifecycle.