More missing data!!!!!

Discussion in 'Current Affairs, News and Analysis' started by pomps, Oct 13, 2008.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. I read again with disbelife at these peoples incompetence!!!

    taken from the BBC web:
    http://news.bbc.co.uk/1/hi/uk_politics/7667507.stm

    To quote:

    A missing computer hard drive may have contained details of 1.7 million people who had enquired about joining the armed forces, the government has said.

    The drive was reported missing last week by EDS, a firm contracted to the Ministry of Defence.

    Armed Forces Minister Bob Ainsworth told MPs the information, which went missing at an EDS site in Hampshire, was "unlikely" to have been encrypted.

    It is not known if the drive was lost or stolen. An investigation has begun.

    In a written statement, Mr Ainsworth said the drive "may, in the worst case, contain details relating to 1.7 million individuals who have enquired about joining the armed forces".

    Bank details

    While some who had made "casual enquiries" would only have given a name and contact details, "more extensive personal data" may have been held on those who had applied to join, he said.

    "In some cases this will include personal information such as next of kin details, passport and National Insurance numbers, drivers' licence and bank details and National Health Service number," he said.


    I wonder just how many more mistakes have to happen before data actually gets into the wrong hands.

    Utterly disgraceful! Rant suspended.... for now at least


    edit for dyslexia ffs
     
  2. Are contractors like EDS being held to the same new rules wrt data that MoD staff have to comply with?

    If not - after this - they should be!
     
  3. EDS' new owners have put in place an across the board blanket ban on their staff using removable media. Came into effect 2 weeks ago and you need a very good reason and approval before hand to use usb sticks etc.

    Question has to be why EDS are handling the information of those showing an interest in joining????
     
  4. Wibble!
     
  5. mysteron

    mysteron LE Book Reviewer

    UKDaytona - EDS and other IT firms are regularly outsourced to provide the service of losing your data rather than the government - it is a cost saving measure. But you are absolutely correct that there is a removable media ban without encryption across the board. However, IIRC, the defence side of the house has had full encryption demanded for years.


    Kes1 - all firms on defence contracts are on the same rules as MoD Civil Serpents and uniform. It is all about enforcement and its application that may differ.

    The investigation is still ongoin - but before we throw too many stones there is rumour that it was uniform that lost it on the contractor's facility. That still means contractor is to be scrutinised for failure to comply but don't be too rash in blaming the bar steward contractors. Indeed, they actually have a better track record than uniform!!!!
     
  6. Horse, door, bolted?

    By encrypting data on both disk and tape, customers can be confident that "data at rest" is secure and easily accessible. If disks are removed or stolen, the encrypted data is inaccessible and, therefore, protected. Encryption safeguards against loss of intellectual property and private information, and helps to protect individuals and reputation. It looks as if the majority of data thefts and losses are due to insiders. So this would suggest stronger security measures needed. External hacking and burglary happens, but nowhere near as often.

    So, why isn't valuable and sensitive data encrypted and secured under a blanket policy? ? Anyone knows that long encryption keys are harder to crack, and the computing capacity of modern computers easily enables the use of strong encryption methods in data protection, so there is no obstacle to the use of such methods.

    Datapens and Laptops should not routinely contain stuff that poses security risks, and that restriction should become statutory for all government including MOD departments.