It seems that almost every other week there is a revelation in the United Kingdom about data going missing, from mindless fools posting unsecured data on CD/DVDs to flash drives containing military or intelligence data being left in public places. It was bad enough last year when a Government agency lost CDs containing the personal details of 25 million people, but the public was prepared to accept that such things can and do happen occasionally. But since then, more and more data appears to have been misplaced, culminating in the revelation today that a 500Gb hard drive containing details of 5000 prison officers has been lost.

What irks me the most about all of this is that no one appears to have the common sense to use an off-the-shelf utility (I could name a variety) to encrypt this data! I can (just) understand in a ‘secure’ government environment where data is accessed continuously that encryption would not be viable*, but when the data is being transported, not to secure it somehow is criminal! I am not even talking about asymmetric cryptography, which takes some brains and infrastructure to set up, but how about just using a one-time symmetric cryptography model purely for when the data is out of a secure environment?!?!

Data ‘Protection’ minister Michael Wills really needs to start clamping down on these rogue operators who seem to have no respect for the sanctity of personal or sensitive information, or resign. I (and I am sure many others) have had enough of our country continually being a laughing stock for having data security policies which resemble a particularly effectual colander.

*Although a variety of transparent encryption technologies exist.

    I don’t think there’s a significant increase in the number of incompetent mishaps of this calibre. I just think these are caught and exposed in the media more often, which was something very rare even a decade ago.

    The people who work in government aren’t more qualified or capable than in the civilian sector.

    A company admin (who will remain nameless) gave me FTP access to a web server because I asked for it in an email! Granted, I was hired to work for them, but the admin had not been introduced to me at that point. I was just some stranger with information about the server IP, which I could have taken from a ping to the domain, and a name of one of the consultants, which I could have taken off the web site’s “Staff” page.

    Or when I visited an office on an appointment and a secretary escorted me right through the building.
    No ID check, no request to wait in the lobby, no security cameras (except in the lobby). And there were portable drives and laptops everywhere. Any number of which I could have pinched discreetly and no one would have noticed for a week. Let alone the secretary who was too busy spilling the beans on every name of every door we passed by. Thanks to him, I was acquainted with most of my colleagues before I met any of them.

    These things happen all the time, except in government it could cost lives.
    Obviously this has to change. And, unfortunately, I don’t think it will until such a tragedy takes place.

    This line in particular is very disturbing…
    “We are extremely concerned that not only has this data been lost, but that the Prison Service appear to have tried to conceal this serious breach in security.”
    How comforting. Not at all unexpected as that’s also the usual response in corporate environments.

    And “around 5,000 NOMS employees including their names, dates of birth, National Insurance numbers and employee numbers.”
    This is enough information to find out where each of them lives. That’s 5,000 potential victims of incompetence.

