Storing Personally Identifiable Information
#### What is Personally Identifiable Information (PII)?
PII is Any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date and place of birth, mother's maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information. [From NIST](http://csrc.nist.gov/publications/nistpubs/800-122/sp800-122.pdf)
When it comes to Bitcoin, PII most likely pertains to the transactional and financial status of an individual and their Bitcoins.
#### What is PII the Bitcoin Industry
Bitcoin transactions are all public. This means that they can be viewed on the blockchain. However, bitcoin addresses offer some anonymity. Many Bitcoin businesses keep several pieces of information about customers, partners, and employees. Some of the more common types of PII include:
- Name (first & last)
- Email Address
- Physical Address
- IP Address
- Public Bitcoin Address
- Private Bitcoin Key
- Bank Account Information
- Date of Birth
- Security Questions
- Telephone Number
- Place of Birth
In order to ensure security, it is important to minimize the likelihood of PII being extracted from your organization. A combination of 3 or more items from the above list can easily be used to establish an individuals identity. If your organization does not properly protect this data, your customers identities would be revealed in the event of a security breach and they would most likely become targets of attack. Not to mention the public relations issues this would cost your organization if the breach was released to the public by the attacker or one of the resulting victims.
#### PII Database Storage
Most software uses a database such as MySQL to store customer data. **When it comes to storing PII in a database, always make sure it is encrypted**.
- [Documentation on MySQL Encryption](http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html)
- [Microsoft SQL Server Encryption Docs](http://technet.microsoft.com/en-us/library/bb934049.aspx)
- [PostgreSQL Encryption Options](http://www.postgresql.org/docs/8.1/static/encryption-options.html)
#### PII Logging
When it comes to logging PII, the route is simple. It should never be done. If you are logging events such as when a user logs in, logs out, does a sensitive transaction (as you should be), make sure that no PII is stored in the logs. Instead, you should log a non PII identifier such as a Globally Unique Identifier (GUID) along with the event. You can generate a GUID for each user and then log the GUID instead of PII in order to later reference a particular user.
#### Storing Documents with PII
Storing documents is another important aspect of securely storing PII. Many documents that are uploaded to sites (such as proof of ID), are stored improperly. When storing documents, it is important to encrypt them. You can either encrypt individual documents or you can store them in an encrypted drive using a tool such as [TrueCrypt](http://www.truecrypt.org/).
Any documents that are not regularly referenced, should never be stored on the application server in the event of a compromise. Documents that are uploaded using a web application should be encrypted and stored on a separate server.
#### What NOT to do!
- Do not store PII unencrypted
- Do not transfer PII unencrypted
- Do not Email PII unencrypted [Use PGP](http://www.techrepublic.com/blog/it-security/email-encryption-using-pgp-and-s-mime/)
- Do not store sensitive PII in Google Docs (SSNs, Private Keys, passwords, etc...)
- Do not store any encryption keys you're using insecurely