- cross-posted to:
- [email protected]
Not storing their backups onsite was only one of many best-practice rules they’d been breaking, I’m sure.
I only hope the cloud cult will not use this to push an expensive public-cloud agenda when merely an offsite backup would do.
… and probably many more compliance issues, I’d expect, but it’s a start.
The data at rest was not encrypted, from the sound of it, so anyone can just go poking through that hard drive if they want.
Lots of small offices have PILES of unencrypted client data sitting on an old server sitting in the corner by the copier.
And this is why encrypting your data at rest is so important for PHI/PPI.
Hell, you can even configure MSSQL to encrypt/decrypt columns on the fly in ways that don’t require the cooperation of whatever app works with that database.