Ebay had to get involved sooner or later, didn't it? Buy an old server for £35 and get a few hundred thousand files of personal details thrown in. Perfect gift for Father's Day. The sheer incompetence makes the mind boggle. If you are a bank, or a credit card company, surely you make sure that all servers and PC's are wiped clean before disposal? If you entrust data and equipment to a third party, surely you make damned sure that they take proper precautions too?
Are there people insane?
Then, just when you thought the government couldn't get itself into anymore data related problems, they entrust 135000 criminal records to a memory stick and let it go wandering with yet another outside contractor. Encrption? Don't be silly. Procedures? This is government, remember. The only job I can think of where expenses are paid on trust. No receipts necessary.
The fact is they just don't seem to care. The government loses one laptop a day, somewhere, and the fact is they don't have a clue what is on them. Add to that a mobile phone or a pda every other day, and I bet old Golden Brown has to change his mobile number every week, to stop all the sniggering phone calls from the lucky recipients.
This is serious stuff for anyone in an industry that needs data. The consumer cannot have much trust left. It is not even a drip-drip of bad news, it is a Tsunami every few weeks. The ICO is looking into things again, but here is a prediction for you. The banks and the outside contractor in the servergate scandal will get heavy fines, and heads will roll. The government will not get fined, but maybe a civil servant somewhere will take early retirement on his index-linked pension.
Our government can't run a bath, let alone an ID card scheme. Whilst Golden is concentrating on the job, and making the right long-term decisions for everyone, his team are turning the machinery of government into a farce.
Still enough whingeing. There is a server about to sell on Ebay that looks quite promising...
You'd say that companies should entrust their data to data professionals, but even this doesn't appear to be a reliable option.
We operate a 7 pass delete system, all file transfers are 128 bit encrypted, our online systems use veri-sign SSL, all outdated IT equipment is professionally destroyed and recycled by an external contractor, but only when it has been thoroughly scanned, deleted and de-sensitised internally - all HDs are removed and professionally buggered by our infrastructure team - and we're only a relatively small business - nothing like the size of Graphic Data.
Clinet's data security has to be THE top priority - why can't companies get it right? Bring us a COI contract!
Congratulations Adam, that sounds like quite a system. Right now, you should be using that as part of your client marketing communications, because with all the data scares going around that system should reassure any client that they are safe to put business in your hands.
Hugh Bessant
Blogging for:
Member since: 03 Jun 2008
Last login: 20 Nov 2008
Total Posts: 308
