End-to-end encryption is the only foolproof was of preventing this. But if that ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		raz32dust on Oct 1, 2019 \| parent \| context \| favorite \| on: Engineer admits hacking Yahoo accounts searching f... End-to-end encryption is the only foolproof was of preventing this. But if that is not possible, training and audit/alerts is the next best thing. Training is important because new employees or new college grads might not be aware of truly how egregious it is to view someone's personal data. It really had to be drilled into the culture. By audits and alerts, I mean that if one employee accesses sensitive information, they know that other teammates are getting an alert about it. People do such things when they think nobody will know.

oyebenny on Oct 1, 2019 [–]

I'd actually love to have this implemented client side - i.e if an employee views accesses your info, the client gets an alert.

radres on Oct 1, 2019 | [–]

Yea, it'll flourish your business.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact