“The last time I checked, people do not change their social security numbers very often…”
While in constant debate over data encryption and ease of access, I encountered a train of thought that made my jaw drop. A tradeshow attendee suggested encrypting everything, but just use a weak algorithm; so as not to make it impossible to decode if needed in the future.
Before smirking and quoting statistics as truth, I stopped to ponder: was there any merit to the statement, what was the sensitivity level of the data, where was it being stored, who had access to it, what was the definition of a weak algorithm, was this archival data or was it accessed and changed often?
Through conversation, the premise was potentially plausible (with some big question marks), but the logic was still thoroughly flawed. Yes, the data was constantly changing and only updated records were being sent to branch offices via a public cloud file sharing service, but the data did contain personally identifiable information. The last time I checked, people do not change their social security numbers very often and data captured by an intruder will stay in its captured state.