Personal Data Security

[Miss Take]

My point is that data can still be lost/stolen irrespective of who holds the data and also it doens't matter what IT protection there is if the data is lost by someone with access. Having it all centralised will not protect you from this! People make mistakes!

 

Thank god you let us know about this.

I'm about to sabotage the servers at work because they have my bank account details in there. Just imagine if someone got hold of those!!!!!! Work say they need them to pay me, but I think that's just a cover and really they're selling them onto the highest bidder.

 

Anyway, here goes - hope I used the right amount of C4...

[Lonan3]

The goverement needs this data to operate. What's your alternative?

Anarchy! Hey, how do you know if don't try?

[Dodger]

My point is that data can still be lost/stolen irrespective of who holds the data and also it doens't matter what IT protection there is if the data is lost by someone with access. Having it all centralised will not protect you from this! People make mistakes!

 

You make some pretty weak connections. Money gets stolen all the time, should we stop using it? Is everwhere that holds money insecure? Because one bank gets robbed, should we stop having banks?

 

Besides, the article you linked, which I quoted, and you ignored, had the source of the data as the individuals themselves.

 

For example instead of kidnapping a bank manager's family, they kidnap a person's family who has access rights, they copy the data and instead of just loosing what is in one bank....................

The fact that there are IT people means that the technology is continuously changing, as does the threat to computerised systems. You may be able to make a password/software that is unbreakable, but for how long? Probably til you sell it to your first customer and tell them how to password protect! There are people out there that break codes for fun, never mind profit!

 

You didn't get my point. The goverement needs this data to operate. What's your alternative?

 

How did we manage before computers, will society collapse?

 

Money gets stolen all the time?! You seem to accept this?! Do you also then accept that data will be lost? Based on your argument you do!

[ai_Droid]

How did we manage before computers, will society collapse?

 

Money gets stolen all the time?! You seem to accept this?! Do you also then accept that data will be lost? Based on your argument you do!

 

Your stupidity is actually beginning to depress me. Aren't you the guy who publicly winged at the school for over-zelous safety? Now you're suggesting no personal data is ever used ever again because of fears it gets stolen? You can't see how foolish you're being here? If there's a risk, you manage it. You don't give up or ban that practice. This is exactly what you were arguing in favour of in the case of the school.

 

As Ans says, you're repeating the same ill informed crap over and over, there's really nothing more to be gained here I don't think. Fucking glad you're not in my commisioners office though.

[P.K.]

Today we got our "So sorry we lost your data" letter from the Revenue. Get this:

 

This data includes your and your children's names and dates of birth, your address, your National Insurance number and, where relevant, the details of the bank etc etc etc

 

It then tells you to keep an eye on your bank accounts and if you have a problem contact them but not on Christmas Day, Boxing Day or New Year's Day. Signed by Dave Hartnett "Acting Chairman".

 

So that's all right then!

[Cronky]

Your stupidity is actually beginning to depress me. Aren't you the guy who publicly winged at the school for over-zelous safety? Now you're suggesting no personal data is ever used ever again because of fears it gets stolen? You can't see how foolish you're being here? If there's a risk, you manage it. You don't give up or ban that practice. This is exactly what you were arguing in favour of in the case of the school.

 

As Ans says, you're repeating the same ill informed crap over and over, there's really nothing more to be gained here I don't think. Fucking glad you're not in my commisioners office though.

 

Resorting to abuse weakens aways makes someones position seem weak.

[ai_Droid]

Resorting to abuse weakens aways makes someones position seem weak.

 

The inability to form a coherent sentence always makes someone seem stupid.

[Cronky]

Okay, my point is that there is no need to be rude and use four letter words.

[P.K.]

There is a need for foul and abusive language for those who struggle to express themselves.

[ai_Droid]

There is a need for foul and abusive language for those who struggle to express themselves.

 

There appears to be a need for smug twats to force their standards on to others. I can express myself just fine thanks very much.

 

When you've resorted to picking on my writing sytle rather than what I have to say, I'm guessing you've got nothing more to add to the discussion?

 

You find me saying fuck offensive? I find the spreading of daily mail style misinformation equally offensive, including Dodgers repetative bollocks that highlights his ignorance to this topic he seems to be championing.

[P.K.]

Strange but true I know a great deal about databases and their security. You can produce highly encrypted systems with all sorts of built-in security safeguards. But at the end of the day it always comes down to the same old "Who watches the watchers?" The problem being that the only answer is "They have to watch themselves...."

[ai_Droid]

Strange but true I know a great deal about databases and their security. You can produce highly encrypted systems with all sorts of built-in security safeguards. But at the end of the day it always comes down to the same old "Who watches the watchers?" The problem being that the only answer is "They have to watch themselves...."

 

What about audit, four eyes, regulators? What about one way encryption systems that mean the people who hold the database can't actually use the data?

 

Also it's inherantly more secure by centralising data, because there's fewer potential points of weakness.

[P.K.]

To my knowledge all of these techniques have been in common usage for at least the last 30 years. Yes if you keep everything centralised it's easier to control but that doesn't mean it's at the point of need. That's one of the problems. Other problems include the standard GIGO and integrity, updating whilst online, back-up maintenance systems, deliberate attack and so forth.

 

But the weakest link is still the folks using it....

[Albert Tatlock]

Guys, can we try to keep these repetitive arguments into one thread? I can't be the only one growing weary of seeing a new topic every day on the same subject.

Unfortunately this can't be avoided - with so many government employees on MF, the same data is being posted to numerous places.

 

As you as a moderator are responsible for curbing this breach of forum policy Ans, have you not considered resigning and picking up a £200,000 a year job on another forum?

[ai_Droid]

But the weakest link is still the folks using it....

 

Yes, always the case. But to argue that we should stop using such systems because of this is insane. The same risks exist in practically every other system in use also in any other industry or persuit, the risks come in when you add people. The solution is to lock it down as much as you can and implement controls, that includes prevending clerks from exporting the data to CD.

 

To summerise, this data leak is a case for stronger security on central systems, not a indication that the government should stop storing our personal data at all.