Security rarely peoples jobs simpler and more straightforward - sad but true. Security is something CEOs and MDS to allocate budgets, since it looks fine to its shareholders or who are concerned about the Data Protection Act or the Sarbanes Oxley.
Often a shock could inspire a sudden interest and perhaps a sponsorship security-related project. Unfortunately as always in life nothing is as simple - you can spend millions on security - like the HMRC do - but suddenly, someone can escape completely whole because their work is done quickly.
Mr Darling and of Their Majesties Revenue and Customs are not alone in his singular lack of understanding on security. It happens everywhere - in any organization - on one hand we have the safety equipment of the strict implementation of data management, handling and safe working practices. On the other departments have a pile of completely ignoring all of the above, since it makes life much more difficult. It creates a strange sort of paradox in security - almost surreal - a department will be very vigilant in all practices related to security - and soon won a reputation for being clumsy and inefficient. The following department will develop a friendship of laissez fair attitude to safety practices and cultivate a positive attitude and get things " " type reputation.
If do want to get home in time I know I want one for coping with ! But a true security requires a real commitment and dedication - is not a series of projects - is a fundamental ideal of any organization - its working practices and ideology core business. The quest for security does not fit well with the maximization of profits or streamlining processes - even the consequences of ignoring safety can be catastrophic.
From a security perspective - HMRC have ignored so many heads of basic security is difficult to understand. The classification of such data must ensure that it receives the treatment safer, especially during transit. Clearly this is not the case - that the data has not been properly classified and no attempt has been made to ensure the data beyond the rather pathetic password protection. It& 39;s easy to point the finger at the junior manager " & 39; authorizing or organizing this - but it is certainly not where the blame lies. To copy the data on a disk should be technically impossible without the authorization senior. value and importance of these data should be so deeply ingrained in the psyche Departmental & 39; that the idea of copying a CD and appearing in the post " must send so many sound the alarm bell that never happen.
So valuable is this information? It is pure gold powder to the criminal fraternity - the potential benefit of these two discs is difficult to imagine but it is definitely not confined to mere fraud.
We bank will be in the next few days how the media, the public and politicians react this unbelievable situation. The sheer magnitude of this incident I suspect will have a significant far-reaching implications throughout the world.
IT Security and Search Engine Experts
Bookmark it:
No comments:
Post a Comment