It seems that almost every other week there is a revelation in the United Kingdom about data going missing. From mindless fools posting unsecured data on CD/DVDs to flash drives containing military or intelligence data being left in public places. It was bad enough last year when a Government agency lost CDs containing the personal details of 25 million people, but the public was prepared to accept that such things can and do happen occasionally. But since then, more and more data appears to have been misplaced, culminating in the revelation today that a 500Gb hard drive containing details of 5000 prison officers has been lost.
What irkes me the most about all of this, is that no-one appears to have the common sense to use an off the shelf utility (I could name a variety) to encrypt this data! I can (just) understand in a ‘secure’ government environment where data is accessed continuously that encryption would not be viable*, but when the data is being transported, not to secure it somehow is criminal! I am not even talking asymmetric cryptography which takes some brains and infrastructure to set up, but how about just using a one time symmetric cryptography model purely for when the data is out of a secure environment?!?!
Data ‘Protection’ minister Michael Wills really needs to start clamping down on these rouge operators who seem to have no respect for the sanctity of personal or sensitive information or resign, I (and I am sure many others) have had enough of our country continually being a laughing stock for having data security policies which resemble a particularly effectual colander.
*although a variety of transparent encryption technologies exist.