Could data segregation help mitigate the impact of large-scale data incidents?
Looking at the Qantas breach of 6 million passenger records.
Taking a step back from the data warehouse model, what if data could be stored in different locations based on a set of criteria instead of in a single repository? Access to these systems could be isolated as well. If one system got compromised, it would not impact the entire data set.
The data could still be mined for business analytics, but it could be pseudonymized in a data warehouse. If access to the warehouse got compromised, it would not impact privacy.
This is a much more complex and expensive setup, but the cost could be weighed against the loss resulting from a compromise.
There is also the impact on real-time data interactions with PII: where is it stored, how is it accessed, etc. Lots of considerations.
Just a thought, though it may not be practical.
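
A sketch of the split described in the post, added here as an example and not part of the original post: PII goes into separate stores and the warehouse only ever sees a keyed pseudonym. Using region as the segregation criterion, HMAC-SHA256 as the pseudonym function, and all names and records below are assumptions made for illustration.

```python
import hashlib
import hmac
from collections import Counter

# Assumption: this key is held only by the identity systems, never by the warehouse.
PSEUDONYM_KEY = b"constructed-demo-key"
PII_FIELDS = ("name", "email")

# Constructed sample bookings (not real data).
BOOKINGS = [
    {"customer_id": "C1001", "name": "Alex Example", "email": "alex@example.com", "region": "APAC", "route": "SYD-MEL", "fare": 210},
    {"customer_id": "C1002", "name": "Sam Sample", "email": "sam@example.com", "region": "EMEA", "route": "LHR-SIN", "fare": 980},
    {"customer_id": "C1001", "name": "Alex Example", "email": "alex@example.com", "region": "APAC", "route": "MEL-SYD", "fare": 195},
    {"customer_id": "C1003", "name": "Kim Constructed", "email": "kim@example.com", "region": "APAC", "route": "SYD-AKL", "fare": 340},
]

def pseudonym(customer_id, key=PSEUDONYM_KEY):
    """Deterministic keyed token: stable per customer, not recomputable without the key."""
    return hmac.new(key, customer_id.encode(), hashlib.sha256).hexdigest()

def segregate(records, key=PSEUDONYM_KEY):
    """Split records into per-region PII stores and one pseudonymized warehouse."""
    pii_stores, warehouse = {}, []
    for rec in records:
        # PII lands only in the store for its region (the segregation criterion assumed here).
        store = pii_stores.setdefault(rec["region"], {})
        store[rec["customer_id"]] = {f: rec[f] for f in PII_FIELDS}
        # The warehouse row carries the token and non-PII attributes only.
        warehouse.append({
            "customer": pseudonym(rec["customer_id"], key),
            "region": rec["region"],
            "route": rec["route"],
            "fare": rec["fare"],
        })
    return pii_stores, warehouse

def bookings_per_customer(warehouse):
    """Analytics still work: repeat customers are visible through the stable token."""
    return Counter(row["customer"] for row in warehouse)

def exposed_identities(pii_stores, compromised_region):
    """Number of identities exposed if a single regional PII store is compromised."""
    return len(pii_stores.get(compromised_region, {}))

if __name__ == "__main__":
    pii, wh = segregate(BOOKINGS)
    print("repeat bookings per token:", bookings_per_customer(wh).most_common(1))
    print("identities exposed if EMEA store is breached:", exposed_identities(pii, "EMEA"))
```

How private the warehouse rows remain depends on keeping the key out of the warehouse and on how coarse the remaining columns are, since route and fare combinations can still act as quasi-identifiers.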