kindly do explain. . . am quite interested in what you have to say -

It’s a little more complicated than you suggest. Wait for pt2 and I’ll explain why…

Quite true. If there is no national ID database then there’s nothing to expose.
Ministers may still want their ID card project but the voting public will make it clear where they can stick it.

The Government is like the Windows PCs of the past, with all the firewalls switched off by default. Oh, and overpriced (for what you get), bloated, ugly, unreliable and intrusive.

The metaphor I like is industrial machinery. They have light beams, guards and multiple operating buttons to ensure that you can’t chop your arm off unless you really really want to. As has been noted, how could a junior get access to this data, and a CD burner at the same time. If they could, it’s not the junior’s fault.

I get the feeling that the government’s IT security is just not a priority. It’s a detail, which gets tacked on when they have the time to think about it. Which mostly they don’t, and then as a quick fix they stick to methods that are more suitable for desktop systems.

– ‘The fact that someone had 25 million records on their desktop machine to burn onto a cd (why did they have a burner?) is pure insanity.’

All very well blaming the junior muppet for posting the CDs, but the fact that he or she had access to the data on a CD shows the problem to be much more systemic than a simple ‘whoops’ moment. Unless there is a fundamental rethink of how data is treated from start to finish across all departments (local and central), and a value placed upon information, this is likely to reoccur.

If our personal data is viewed as ‘cheap’, small wonder it is treated with little respect. Call it £4 a record (would you value your personal data so low?), and ask which government techie thinks it should be remotely possible to courier £100 million between offices.

There’s only one problem. You (and Dizzy) are writing about the facts. Politics is more about narratives, however. The narrative is that government will abuse the information it collects on us – whether through malice or incompetence doesn’t really matter. (One more fact, before I go on: our political leaders and top civil servants are still computer illiterates. Difficult to see banana skins if you don’t know what a banana is.)

People won’t trust ID cards either to be secure or not to be abused. I don’t, lots of us don’t, and I don’t even think you’ll make much effort to persuade me otherwise. (Nick Palmer MP did his best a while back on Mike Smithson’s site and lost his cool in the process, a thing he never normally does.)

The Tories also have a problem here because the police and security services are 101% signed up for them, and they won’t change their mind because a new set of ministers has turned up. They’d be well advised to use some weasel words in their next manifesto.

The really creepy bit is the “joining up” of personal information across government. Apart from anything else, this information has considerable commercial value (dunno if any of the experts around here would care to price it) which will represent a standing temptation to government to flog it off (they can change the law by ministerial order these days, remember) to balance the books.

In the meantime, the government looks utterly incompetent – I’ve never agreed with a “Daily Mail” headline before, but I did to-day – and they won’t recover. The last thing they – or we – need with the banking system so fragile (and if people decide to trade elsewhere than the City of London our standard of living will start to crumple and the good citizens of Warsaw and Belgrade will be complaining that the Brits are stealing all their jobs) is a government perceived to be a bunch of clowns. (Actually I want to use another word, but I’m trying to stay within the house style).

In 1983 Labour lost 120 seats in the General Election. I reckon they’re on course to repeat that.

They will use this to push for ID cards.

Two CDs or Not Two CDs

I think we all agree, its a very CD affair…

Sorry … dislocated by political changes every few years.

>What’s more, there should be an Information Security Committee drawn up that oversees Government systems. This should be a body that places information security at its core, not political expedience and be independent of Government.

I would hope that that has been in place for fifteen years or more already (?)

The best analogy I have (having worked as an IT Manager in NATS) is that data security needs to permeate the organisation as safety does for both ATC and Nuclear.

A key question is how such a culture is dislocated by changes

Hence – beyond the political punch-up (and there are some valid political aspects to this such as the way warnings have been brushed aside) – there needs to be a bi-partisan approach.

I’d like the HoL to do the enquiry, but I don’t see it happening.

…Until the NIR database dump CDs get lost in the post, that is.

This is a bit of misrepresentation of my point to be fair. Access to production data off the production system is not something that anyone should have, period. Not unless you have a full sanitisation process in place. The fact that someone had 25 million records on their desktop machine to burn onto a cd (why did they have a burner?) is pure insanity. I agree with your point about the junior versus senior bit though. My point was more that someone was able to do this and was someone in less senior role with the wise experience like ours on their shoudlers perhaps?

“As Dizzy, at least, should know, in a modern corporation no one has greater access to confidential information than the IT department, even though the staff who tend to have the greatest degree of access (operators and data controllers/analysts) are amongst those with the lowest status in the office.”

Not in big corporations that have to work in the realm of Sarbox or PCI Visa complaince they don’t. All root and superuser passwords should be kept in a firesafe and only two people know the combination (to reduce the drop dead scenario). No one that is not an operational administrator of the system should have read access to manage entire dumps of the database. If the system has been designed to allow people to generate dumps via an interface then that is bad security design. Full production data in the commercial world of this nature should always be santised before it reaches someone’s desk to ensure this sort of thing does not happen.

Glad you liked the other stuff though. And I agree regarding ID cards. I said it yestedray as well. This will be used to justify it, not kill it.