Data Breaches: All Your Fault

DevOps, Redgate Software
One part of my job is to understand the compliance landscape. This means that I read a lot about the GDPR and related similar laws. I also have to read a lot about data breaches in order to understand how and where laws like the GDPR apply to them, and how they happened so that I can better prepare people through good DevOps practices to prevent them. The more I read about data breaches, the more I realize: It's You. It's your fault. Don't believe me? Let's walk through a few recent data breaches together.

Passwords? We Don't Need Stinking Passwords.

The Collection #1 data that represents 21 million unique email addresses and passwords for a combination of up to more than 700 million, was found by Troy Hunt... on…

Compliance Ain’t Easy

Redgate Software
I'm sure by now you've heard of the GDPR and some of the large-scale data breaches that have occurred within it. If you haven't heard of the GDPR, you've been under a rock, or, you're like me, a United States citizen (it's amazing how little we know about this oncoming train). If you're seeing the four letters GDPR strung together for the first time, then you better jump on learning about it right now. Why? Let's string together more letters, CPPA. That stands for the California Privacy and Protection Act. That's a law modeled off the GDPR that goes into effect in 2020 (yeah, nine months).

Compliance Isn't Always Spelled GDPR

Maybe you're not in an EU country and you don't have any person's data from there. Maybe you…

Identifying HIPAA, PCI & SOX Data for Masking

Redgate Software
Working for a company based in the UK (still currently a part of the EU) I had a lot of motivation to learn about the GDPR and what it means for data professionals. Further, the understanding that, through treaties and court precedent, the GDPR can apply to companies around the world also motivated me to learn about the privacy and protection mechanisms that it required. However, there is privacy and protection much closer to home from the data and security definitions in HIPAA, PCI and SOX. I've been doing a bunch of research on all these to better understand how they, along with the GDPR, and a whole slew of new legislation coming from around the world, will impact the database. More specifically, I've been trying to understand how best…