[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 281
  • Last Modified:

Data on Trusted Solaris systems?

On a Trusted Solaris OS system or any Trusted UNIX OS, should very sensitive data be online or connected to the Internet?
0
slajoh01
Asked:
slajoh01
1 Solution
 
NukfrorCommented:
No - as you put it - very sensitive data should not be accessible to the Internet.  Trusted Solaris or any OS will not guarentee protection cuz the environment is designed, built, and managed by humans and therefore has flaws in the architecture, security design, and operational best practices.

Usually the highly sensitive data would be behind several layers of access controls, phsyical layers in an environment, identity and role based permissions would be used to the EXTREME, encryption, authentication, signed communication channels, etc - all this is *an effort* to never allow direct physical access to the data.  Notice I said " an effort" - its not a guarantee.

Have you missed all the news articles about 10s of thousands peoples credit card information being exposed and stolen and abused over that last several years ????  A recent article just came out about how high-quality data (e.g. very sensitive data) on over 2000 credit cards was acquired and used to charge between $500 and $700 against the credit cards.  They know the data was of high-quality because the charges were made to the credit cards immediately without first trying charges of something like 10 cents to see if the accounts were valid.  The charges were simply made e.g. the theives KNEW the data was already correct.  The legal battles will fly on this one and the losers as usual will be the people whose accounts were exposed.

If you have highly sensitive data, you and your organization better think LONG and HARD about the risks you are getting into by exposing that sensitive data to the Internet.  If this highly sensitive data involves consumer personal data that could lead to identity fraud is stolen, .... ahh the horror.
0
 
yuzhCommented:
Agreed with Nukfror, when your box is accessible to the world, you sensitive data
is at risk. Hackers, OS bugs etc can cause problem.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now