Tuesday, 5. February 2008
PermaLink Personal data now completely safe in government hands
You can't have escaped the startling revelation that data has not been safe in government hands recently.

First we had that spot of bother with 25 million child benefit records and, more recently, there have been several tales of lost laptops.

One feature (other than base incompetence) common to these and similar incidents is that encryption has not been used. Data has been stored and transported in clear text with, perhaps, some very basic and easily circumvented password based security.

Something must be done.

Indeed, something now has been done.

BlackBerrys squashed by Whitehall data ban

Government BlackBerrys and PDAs have been grounded by the Whitehall-wide ban on the movement of unencrypted personal data.

The devices have fallen foul of the department-wide ban imposed by cabinet secretary Sir Gus O'Donnell in the wake of the revelations about the Ministry of Defence data loss last month that resulted from a stolen laptop.

Thank heavens for that. I'll sleep much more soundly from now on, knowing that my bank account, NI number and address are not stored on some mandarin's BlackBerry.

Waitaminnit.

Were BlackBerries the central issue here? Or could it have been that poorly defined processes and internal control procedures concerning the storage, use and transfer of data were at the heart of the matter?

This is more than a little reminiscent of the policy of confiscating toiletries from the hand baggage of air travellers. Nobody ever brought down an airplane with 150ml of Mum roll-on. The confiscation of such items at baggage checks serves to demonstrate a robust security policy and to make us all feel safer. But are we actually safer?

Not really.

Banning BlackBerries in Whitehall makes good press and may even serve to reassure some people, but it doesn't come close to addressing the central issues of competence and due process.

It won't be long until we hear of the next loss of unencrypted personal data and, when that happens, it won't be a lost or stolen BlackBerry at the centre of the row.

Category: Blackberry
Technorati:

Comments :

1. Mark Dowling05/02/2008 15:26:39
Homepage: http://cork2toronto.blogspot.com


At least with a Blackberry, assuming the wireless is not turned off, you can remote wipe it with BES. Hard to do that with a laptop.



2. Chris Linfoot05/02/2008 15:29:00


There's the rub - assuming the wireless is not turned off.

We've twice recently needed to do a remote wipe and on neither occasion has it worked because devices were switched off.



Unable to post a comment? Please read this for a possible explanation...
Add Manual Trackback
Please enter the details of the trackback post. Your trackback will not appear on the site until it has been verified. This won't be immediate, as trackbacks are validated on a scheduled basis. Be patient.











Search
Hot Categories
Domains
IPv6
Internet
Malware
Monthly Archive
2009
2009
2009
2009
2009
2008
Full Archive
Links
Chris' Posterous
CircleID
Anti-Spam Tools
Misc Links
Land banking information
LDV Blog
Landscape Gardener in Birmingham
Contact Me
email - Chris Linfoot
Subscribe
Subscribe to articlesArticles

Subscribe to commentsComments

Visitor Locations
Locations of visitors to this page
Hosted by


logicspot.com