ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Disaster recovery Toolkit

Government at a loss over data security

Leader ZDNet.co.uk

Published: 21 Jan 2008 17:09 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment
Government at a loss over data security

With the Ministry of Defence's loss of more than half a million personal details from a car in Birmingham, the best that can be said is that it's nearly 24.5 million fewer records than HM Rrevenue & Customs managed.

No doubt Gordon Brown will be announcing this as a 98 percent reduction in serious stupidity per quarter. Even at this rate, however, the entire country's private information will be in criminal hands by 2012. The Home Office could save time by starting up an RSS feed.

Such levity may not be appropriate to the scale of the problem, but it's matched by the lack of practical concern shown by the civil service and its masters. Reviews have been set up and investigations launched, but these are foundering due to the sheer scale of internal disorganisation they're uncovering. With nobody in charge, nobody can be brought to book.

This is the first thing that must change. We don't much care who takes control, as long as they're competent, open and ruthless — a combination of Alans Turing and Sugar — but clarity of purpose and lines of command are essential.

The policy that's needed is one of zero tolerance to mass unencrypted data beyond the firewall. The only time your address should be visible to the outside world is when it's printed on an envelope and handed to the postman. No more laptops with files in clear text. No more CDs in the mail. And no more junior officers, managers or civil servants running around with half the population's private details at their command. Access to this information en masse has to be taken as a serious responsibility, by organisations who understand how to structure such things with suitable checks and safeguards.

We're no longer in the age when massive buildings full of manilla folders define the state's knowledge of its citizens. We are also no longer beholden to the idea that systems, as well as their contents, must stay secret. Public review of safeguards and protocols is a must: assume people know how things work, assume mistakes will happen, and demonstrate that this openness and these mistakes don't matter.

Until the public servants can do this, there is only one reaction to any future plans to increase state data holdings, such as ID cards and databases: loud, raucous and unstinting laughter.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Kyocera

Did you find this article useful?
8 out of 11 people found this useful


Talkback

Post a comment


Full Talkback thread

2 comments

  1. CD's with data 1000008588
  2. Address the cause, not the symptom 23201

Related Links

More In Disaster recovery


Company/Topic Alerts

Create a new alert from the list below:









Related Jobs

Quality Lead - Unilever - Level C-00055185

Support implementation coordination for agreed QPI, SOX and Security controls Manage one quality team member who will support these activities Main ...

Engineering Manager Fabrication/ Sheet Sheffield 40k

Project management responsibility for various facility and/or production projects as required, eg, identification of; engineering/technical ...

Programme manager

Programme manager needed by my client, a large global consultancy to take charge of a large integrated programme. The successful candidate will be a ...