Commercial encryption products that existed in year 2000 could have prevented the breach
My understanding is that OPM is using commercial databases, including Microsoft SQL Server and Oracle. It is likely that commercial data security products could solve the security issues 8 years ago, when the OPM compliance issues surfaced.
As early as 2000 in US, leading beverage brands and a leading investment banks encrypted sensitive information to prevent unauthorized access by root, database administrators and other users, in commercial databases including Microsoft SQL Server 2000 and Oracle 8i.
It is likely that commercial encryption products that existed in year 2000 could have prevented or significantly limited this large data breach.
Ulf Mattsson, CTO Protegrity