A customer has a requirement for storing some Personally Identifiable Information (PII). I want to attempt to dodge the issues of storing this in their database. I am looking for some kind of service that might securely store this data that I could then access via an API.
1
There are 1 best solutions below
Related Questions in DATABASE
- When dealing with databases, does adding a different table when we can use a simple hash a good thing?
- How to not load all database records in my TListbox in Firemonkey Delphi XE8
- microsoft odbc driver manager data source name not found and no default driver specified
- Cloud Connection with Java Window application
- Automatic background scan if user edit column?
- Jmeter JDBC Connection Configuration Parametrization of Database URL for accessing SQL Database
- How to grant privileges to current user
- MySQL: Insert a new row at a specific primary key, or alternately, bump all subsequent rows down?
- Inserting and returning autoidentity in SQLite3
- Architecture: Multiple Mongo databases+connections vs multiple collections with Express
- SQL - Adding a flag based on results within a query - best practice?
- Android database query not returning any results
- Developing a search and tag heavy website
- Oracle stored procedure wrapping compile error with inline comments
- Problems communicating with mysql in php
Related Questions in PII
- Use Powershell to find SSN's in Word and Excell Documents
- How to secure PII data in transit from REST API to browser
- PII Encryption problem on registration page
- How do you mask sensitive request params in gqlgen?
- How to fix this issue "identitymodeleventsource does not contain definition for showpii" in web api
- Python script to search PII
- Cleaning up URLs to remove personal information
- Google Cloud DLP Re-identify PII data using Deterministic encryption
- How to remove PII from URL (GA4 w/ GTM)
- With what key should personal information be encrypted?
- 3rd Party Services for storing PII
- Netsuite : personal information (PI) removal
- 2-way string encryption in PHP - which of these is more secure?
- How to fire like and range query on PII encrypted column in mysql
- Remove personal information from mixpanel javascript tracking call
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
There is no good way to dodge PII management. If you can, I'd suggest getting some justification from the customer for storing of the information, verifying that it is truly required. I've seen requirements for pieces of PII that, after a little discussion, turned out to be unnecessary.
Assuming the PII is needed... Keep the data in house - if you go to a remote service, then you are opening up a whole new can of worms - it is likely that you will still be responsible for any data breaches.
When you do go to store needed PII, keep it as isolated as possible with tight security, and encrypt it. When you need to read the information, decrypt it, work with it, and get rid of it immediately. When disposing of the in memory data, set the values to some garbage text, then release the memory after that is complete.
Best of luck!