Gordon Brown has apologised because a junior employee broke the procedural rules when he copied off details of 25 million people.This represents a completely mistaken view of data security - which is required by a law which his own government passed.
It's not enough to bung data on a computer and then have a piece of paper saying people can't copy it without a senior sign-off.
The point is that you protect the data so that it can't be copied without at least two of said senior people inputting their own personal codes. And they know they'd better have darn good reasons. Nobody of any seniority would have permitted such copying, let alone the methods of transmission.
So the question from today's statement is - does Brown understand that he's talking tripe?
Probably not, or he wouldn't have given a hostage to fortune by pretending that this was the issue.
This immense gaff has far further to run, not simply because the Information Commissioner (who is probably stunned by the depth of the Revenue's incompetence) was already investigating previous breaches.
Incidentally, the government has typically gone for an expensive solution by bringing in the chairman of one of the big accountancy firms to conduct a review.
All they need to do is to hire a few IT security professionals. Poach a few from a major bank. They're used to protecting databases, and they'll know what's required. Conceptually it won't be difficult. But it's beginning to sound as if it will entail a major culture shift in Revenue and Customs.
The question also arises - is this the standard of computer security in the rest of the state sector?
This scandal strengthens the case against big government. If they can't run it properly, we'll just have to try other solutions.
0 comments:
Post a Comment