Sometime ago, Kevin Ruane wrote an article on hiding your Linear Hash data from workstations, this prevented direct access to the data inside .LK and .OV files (Revelation’s Linear Hash data files).
At the time, this was just another useful benefit afforded the Universal Driver for users running Revelation based systems. However, in more recent times we have seen many headlines of high profile individuals and organisations loosing client and other sensitive data – headlines that no organisation can afford to deal with and that often lead to lasting damage to the organisation’s reputation.
If that was not reason enough to take data privacy seriously, organisations now have requirements to protect and audit access to data and this is becoming a more and more common request. For instance, compliance with industry security standards like the PCI DSS (Payment Card Industry Data Security Standard) is now a must have for anyone handling credit card information through their online systems or otherwise.
Revelation has published an update to the original article which covers one method to prevent unauthorised access to OpenInsight’s data held inside .LK and .OV files. Working with OpenInsight 9.2+ and the Universal Driver 4.6 over a Windows 2008 Server and Windows 7 workstation environment (so nice and contemporary) this new article details how to use strict NTFS permissions to achieve peace of mind for developers and end-users alike. After all, if your users can not directly read or change .LK and .OV files, you can audit and protect access to the data using controls that are internal to your application.