A customer has a requirement for storing some Personally Identifiable Information (PII). I want to attempt to dodge the issues of storing this in their database. I am looking for some kind of service that might securely store this data that I could then access via an API.
1
There are 1 answers
Related Questions in DATABASE
- How to add the dynamic new rows from my registration form in my database?
- How to store a date/time in sqlite (or something similar to a date)
- Problem with add new attribute in table with BOTO3 on python
- When an E-R attribute should be perceived as a relationship attribute or as an entity set attribute?
- SQLAlchemy: efficient relationship loading in 3-way many-to-many relationship
- Cannot connect to Postgres Database when running Quarkus Tests with Gitlab ci
- Local or remote database with react-native?
- I want to edit a specific row in database
- How to enter data in mongodb array at specific position such that if there is only 2 data in array and I want to insert at 5, then rest data is null
- Open Web Library
- database login.py and register.py error showing 404 file not found and doesn't work
- SQL71561: SqlComputedColumn: When column selected
- Liquibase as SaaS To Configure Multiple Database as Dynamic
- Updated max input vars but table still shows error
- Spring does not map set of roles
Related Questions in PII
- PayPal Express Checkout - get PII / billing information from the PayPal account on payment
- How to config spaCy NER model to stop tokenizing words and giving false positives?
- How to tune/filter out spaCy NER model flagging body parts as PERSON?
- How to fix this issue "identitymodeleventsource does not contain definition for showpii" in web api
- How do you mask sensitive request params in gqlgen?
- PII Encryption problem on registration page
- Is there a way that I can leverage a JSON Schema to flag / classify an attribute as PII
- How can I allow certain entities (e.g., names, organizations) in Azures PII Entity Recognition method so that they are not recognized/masked?
- [Google]Are the sub and name and email from the userinfo endpoint confidential or public?
- google DLP Masking not working for characters which i want to ignore
- Extract schema name based on current Snowflake column
- How to Mask PII data in AWS ORACLE RDS?
- Best way to transmit sensitive data during SSO redirect between two sites
- How do I avoid giving all users access to PII of other users in the system?
- How to extract a non-English address from a string
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
There is no good way to dodge PII management. If you can, I'd suggest getting some justification from the customer for storing of the information, verifying that it is truly required. I've seen requirements for pieces of PII that, after a little discussion, turned out to be unnecessary.
Assuming the PII is needed... Keep the data in house - if you go to a remote service, then you are opening up a whole new can of worms - it is likely that you will still be responsible for any data breaches.
When you do go to store needed PII, keep it as isolated as possible with tight security, and encrypt it. When you need to read the information, decrypt it, work with it, and get rid of it immediately. When disposing of the in memory data, set the values to some garbage text, then release the memory after that is complete.
Best of luck!