We think of the software that runs our systems as its beating heart, but the brains of an organisation — the continuity of its identity — resides in its data. The databases must stay complete, correct, and confidential: if any one of the three fails the organisation faces an existential threat.

In a logical world, the most durable and secure part of our systems would be its data, but instead — as a matter of course — we build systems that allow secrets to leak out, allow contamination to leak in, and allow valuable data to be simply forgotten. To make up for those problems, we try to strengthen our perimeter, but that doesn;t work, because that;s not where the problem lies.

In this talk, Jules explores what’s wrong with our current approach to data persistence, why secure boundaries and the Principle of Least Privilege are not nearly enough, and what we can do instead.