ITGS Syllabus

Tuesday, April 04, 2006

Topic 48

Social consequences of the release of sensitive data stored in databases by HeeJun

What will you do if you find out your sensitive data, such as credit card numbers and passwords, are exposed to some abusers who illegally use your information to benefit them? What will you as a businessman do if all the important data of your business are stolen from your old hard disk? As people have become more aware of identity theft, they are realizing the necessity of the protection of their personal information.

It is easy to find out the records of web sites you have visited, files you have downloaded, and old documents you thought you had deleted for anyone who can access your system to find. And with sophisticated data recovery software, even data that you went out of the way to make sure was gone may still be lurking in bits and pieces that can be put back together.

To understand how important it is to protect our own information from abuses, we should first understand the definition of sensitive data. Sensitive data are information that adversely affect a person, the national interest and etc. through unauthorized access, or modification. They cover many subjects: Social Security number; drivers license number; personnel information like birthday; financial information; criminal records; research data; legal data that should not be open to the public and so on. Sensitive data are protected by laws and regulations. Therefore, if it is found out that one is trying to steal the data, he or she gets harsh punishments.

The University of Glamorgan and Edith Cowan University in Australia recently found out on their research that sensitive data still exist on discarded or second-hand computer hard disk drives. They examined about three hundred second-hand hard drives, which included data of important financial information like bank account, payroll information, IP addresses, and etc.. Their research revealed that people's sensitive data are exposed to danger more than we think and that we are not doing a good job protecting the sensitive data from the danger.

Most of the people are unaware that sensitive data remain in a hard drive and can be easily recovered. Thus, it is very easy to get information about a person. When you visit the web sites, all information is in browser’s history. Even if you delete those temporary Internet files, not all of them are deleted completely. Word processing programs, for instance, create temporary files when you are working on the programs.

They are not deleted even when you turn the programs off. Instant messenger programs like MSN Messenger save text conversations to a file on a computer. Your information will easily taken away from your computer if a hacker is determined to do so. What it meant by these examples is that although you might think you have deleted information, the information still remain in memory on the computer.

When we delete a file, the file is not actually “deleted.” We all know that the file first goes to the Recycle Bin. But even when we delete files in the Recycle Bin, the files still remain in your computer disk. What happens when you delete a file is that the pointers to the file are removed from the space where it is stored on disk becoming reusable. The data of the file are still in the hard disk as many “1s and 0s.” Even if you format the hard drive, amazingly, the data are still there. If someone is determined to take away your sensitive data, all he has to do is to take your hard drive and recover all the data. It is that easy to steal the data. Thus we have to be aware that sensitive data can be easily taken away and we had better take some actions to protect our sensitive and personal information.


Blogger akirajackson said...

If your sensitive data is taken by someone it can be a really big problem. You might lose money, privacy and might even be falsely accused for a crime you never commited. It is scary.

January 17, 2007 6:17 PM  

Post a Comment

<< Home