More ‘secret’ data made public

Anyone that uses a computer today is well aware of the need for security. Any sensible person has anti-virus software, a firewall and most likely anti-spyware to protect their information and identity.

Security experts recommend that those that use any form of portable device, such as laptops, memory sticks and external hard drives should use encryption software to protect sensitive information as any sort of personal information can be used by criminals to steal identities. So why on earth was a deputy chief constable carrying a laptop around with him without any kind of encryption?

Police sources say Mr Beckley, a former member of the terrorism committee of the Association of Chief Police Officers, had insisted on using his own computer when he joined the force last year.

As a result, none of the information accessible from the machine – which includes anti-terror details, private information about individual officers, and details of criminal investigations, suspects and undercover operations – is encrypted.

It is about time this sort of thing was made an offence. It is one thing to be cavalier with your own information but another thing entirely when it is sensitive information about others or national security. This man should be prosecuted, if people are prosecuted for other, trivial offences, then this man too should feel the full extent of the law.

The halfwits that allowed him to use his own laptop should also face some sort of reprimand, as it appears they seem to think that encrypted, police supplied laptops are a perk of the job, and not a necessity.

Apart from the obvious problem of not knowing what he is doing on the laptop, as a taxpayer I do not want to be paying a police officer to supplement his downloaded music collection, browse his family photos or look at child porn (he wouldn’t be the first, or even the second or third), there is also the question of what he uses it for at home. If he visits disreputable websites, such as piracy or porn websites, chat rooms or other sites, he could pick up viruses and so on that give others access to the sensitive information on the laptop.

How well protected was his personal laptop. Did he have up to date anti-virus software? Did he have a firewall? Anti-spyware products? I am sure that neither the police force nor the public will have any idea whether he was taking the necessary steps to secure the information on his laptop.

This brings me to another important point, if it was decided, by someone, somewhere, that he could use his own personal laptop, why on earth wasn’t his laptop checked over to make sure that it was up to scratch and secure, and why wasn’t some sort of encryption software added as a matter of course?

Encryption, or at least good encryption, is nigh on impossible to crack and it would have made it almost a certainty that the thief got themselves a nice laptop, but nothing else. Yet the officer and the police force just didn’t bother. This is of course after two discs containing child benefit information on 25 million people went missing, again it wouldn’t have been much of a problem had it been encrypted, but it wasn’t. The cost of encryption, virtually nothing. The value of the data to criminals, about £1.5 billion.

This was then followed by information on drivers being lost by the DVLA, again it was unencrypted.

We were then treated to the usual round of ministers and MPs saying things like, “Lessons have been learned,” “Full enquiry,” and “Review procedures.” Nothing changed however as within weeks an MoD laptop went missing containing the full personal details of 600,000 people. Even the MoD don’t bother encrypting data as standard procedure.

Now we are clear that the police have also taken sod all measures to ensure that their data is protected, and we now have the message loud and clear that the government, the MoD and the police couldn’t give a toss about our data.

The only good news was the recent attempt to get legislation through to punish people for their negligence, naturally the ministers were all over the place trying to cover their arses.

“Ministers argued it was “premature” as inquiries were under way into breaches such as the loss of 25m people’s data.”

In other words they had yet to find a low level civil servant willing to carry the can. This legislation needs bringing in as soon as possible, perhaps the threat of prison will make these idiots pull their finger out and treat the information of the public in the way that the public expects it to be treated.

Advertisements

Please feel free to add your own thoughts.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s