It's not just tracking sales though, it's CRM, so every time they speak to someone about replacement/warrantee they need to know who they spoke to and audit frequent complaints either as abuse or something systemic that needs to be chased with a supplier.
I know why Dell needs to do this, but the C-suite is responsible for dieselgate and this kind of thing needs to be developed smartly, with taste, and with a consideration about what can fail (and how bad it can get). Bread and butter: Encrypt everything, long audit trail; Sysadmins don't need to read the databases (and can log need for keys), engineering doesn't need to read personal data, helpdesk don't need to log into servers, and no service needs unauthenticated and unlogged read (even internally; e.g. for automated reporting); Get audited by someone competent.
I handled 1bn daily records with 100% uptime, and max 6hr delay reporting using a single server, so there is no excuse except an incompetent CTO.
I know why Dell needs to do this, but the C-suite is responsible for dieselgate and this kind of thing needs to be developed smartly, with taste, and with a consideration about what can fail (and how bad it can get). Bread and butter: Encrypt everything, long audit trail; Sysadmins don't need to read the databases (and can log need for keys), engineering doesn't need to read personal data, helpdesk don't need to log into servers, and no service needs unauthenticated and unlogged read (even internally; e.g. for automated reporting); Get audited by someone competent.
I handled 1bn daily records with 100% uptime, and max 6hr delay reporting using a single server, so there is no excuse except an incompetent CTO.