You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Contact numbers of our CMS users are deemed as sensitive personal identifiable information (PII). At present, the contact number of each user is stored in the Users table. This means that Isomer engineers could easily accidentally retrieve the contact number data and use it in places where it is unnecessary.
Suggested solution
As suggested by @dcshzjhere, we could put all PII into a new database table such that Isomer engineers need to explicitly attempt to retrieve the PII; this reduces the risk of accidentally retrieving PII data where unnecessary.
The text was updated successfully, but these errors were encountered:
Challenge
Contact numbers of our CMS users are deemed as sensitive personal identifiable information (PII). At present, the contact number of each user is stored in the
Userstable. This means that Isomer engineers could easily accidentally retrieve the contact number data and use it in places where it is unnecessary.Suggested solution
As suggested by @dcshzj here, we could put all PII into a new database table such that Isomer engineers need to explicitly attempt to retrieve the PII; this reduces the risk of accidentally retrieving PII data where unnecessary.
The text was updated successfully, but these errors were encountered: