Protecting Data

I am curious what others have done to keep developers from seeing confidential information in the database. For instance we have an employee table, which stores each employees salary. We have a couple of developers that we would prefer not see this information. It appears to me that setting the field to invisible, won’t really do the trick. Any other suggestions?

I always appreciate the knowledge and insight.

Kevin

Hi Kevin,

2 choices: a) Developer signs a NDA b) Developer doesn’t see the data and can’t help much.

As a developer I have seen this a lot. Some “errors” and “bugs” can only be found if you really see the data.

Ah, c) encrypt the field and keep the key outside the data base.

Somehow, you have to invest some trust…

I agree about the trust aspect of this. This is NOT my request, ha. My superiors are worried about the “young” developers worrying about seeing other young professionals being hired and seeing their salary.

In my opinion this is a very odd request. At some point they have to figure out how to deal with information.

We have done the NDA, but apparently there is still worry. And quite frankly, I get it a little bit, because we may not want to pay our developers the same, even though they have been here the same time and handle about the same responsibility. But perform quite differently.

Thanks again for the discussion and help.

Kevin

Kevin,

Peter pretty much sums it up. It’s a good reason to upgrade to 17r5+ where you can encrypt tables.

You may also consider splitting the sensitive personal data, like salaries, commissions and other compensation, out of your operations database into a separate HR database for just these reasons. If you are storing any employee health data not related to workers comp injuries, for instance, then you may need to start thinking about HIPPA compliance - not something you want to do with a database otherwise concerned with general operations.

Not to mention, NDAs don’t improve the morale of those who sign them.

I sustain Kirk.
Kevin, if you have made something like a ERP for your company, you have to manage authorizations to access all your data and not just salaries : it also necessary for accounting, sales contracts and so on.

This needs to have several environments for development, validation and production ; the first two with sets of data that you could show to developers.

When I was working on SAP (ERP n°1), I had access to all datas, even in a big company of nuclear industry ; before access control, I could solve issues in production system in less than a quarter of an hour ; after rationalizing access, it needed one at least week !
If your company is small, you can’t specialize developers and have just one that will work on HR : it’s the snake that bites its own tail !