Rubbish – why was it possible for a low level civil servant to download the entire database in one go and burn it to CD? (i.e. the potential is there to steal it).
A low level civil servant should only be able to view a record at a time, and not export the records at all. This is trivial.
A long time since I’ve been in touch with you. The Vigenere cracking program that you motivated me to write is still a hit on my website, got 481 downloads last month and I still get the odd question. And amazed how many people do not know about word patterns, talking to a bunch of people about genetic algorithms for solving monoalphabets, and when they heard the word pattern idea, realised simpler solutions were possible (in their case word boundaries are visible in the ciphertext).
I now work in information security, for a UK bank. On this HMRC breach, I agree in an ideal world a junior employee would only be able to access a few records at a time. However, this is not the common case in any organisation I’ve seen. It’s common practice for anyone front line to be able to access the whole lot. Now, it would be great to fix this, but that would mean greatly changing procedures in branches, call centres, etc. Lots of places disable the CD writers, but enable them again when you put in a request saying you need it. One effective tactical solution is technologies like Vontu and WebSense that track confidential data at egress points. So while what’s happened is not good, it could quite easily happen to most big organisations. And I suspect it has, just others haven’t admitted it.
Another approach to fixing this is reducing the value of the captured data. Ideally, you should not be able to open credit cards only know those few details, but as it stands no-one has a better idea. Identity cards could potentially do it, as could credit reference agencies taking a more active role, including a more active relationship with consumers.
—————-
Hello (hope you don’t mind the edit – to answer the deleted Q…. no)
I never did tell you how pleased I was that you went off into that field. It’s one of the few identifiable places when I’ve changed someone’s life (not the only one – and obviously there will be many cases that are not obvious).
I know that someone would be able to access the whole lot…. but surely, not all at once?! I.e. lookup the info for the one person you need to do a job, not hit ‘download’ and get the whole database?
Identity Cards… I hope you’re not meaning the big database from the Govt, rather, internal ID security for the organisation? To my mind the Govt ID database is one big target for ID theft!
One Comment
A long time since I’ve been in touch with you. The Vigenere cracking program that you motivated me to write is still a hit on my website, got 481 downloads last month and I still get the odd question. And amazed how many people do not know about word patterns, talking to a bunch of people about genetic algorithms for solving monoalphabets, and when they heard the word pattern idea, realised simpler solutions were possible (in their case word boundaries are visible in the ciphertext).
I now work in information security, for a UK bank. On this HMRC breach, I agree in an ideal world a junior employee would only be able to access a few records at a time. However, this is not the common case in any organisation I’ve seen. It’s common practice for anyone front line to be able to access the whole lot. Now, it would be great to fix this, but that would mean greatly changing procedures in branches, call centres, etc. Lots of places disable the CD writers, but enable them again when you put in a request saying you need it. One effective tactical solution is technologies like Vontu and WebSense that track confidential data at egress points. So while what’s happened is not good, it could quite easily happen to most big organisations. And I suspect it has, just others haven’t admitted it.
Another approach to fixing this is reducing the value of the captured data. Ideally, you should not be able to open credit cards only know those few details, but as it stands no-one has a better idea. Identity cards could potentially do it, as could credit reference agencies taking a more active role, including a more active relationship with consumers.
—————-
Hello (hope you don’t mind the edit – to answer the deleted Q…. no)
I never did tell you how pleased I was that you went off into that field. It’s one of the few identifiable places when I’ve changed someone’s life (not the only one – and obviously there will be many cases that are not obvious).
I know that someone would be able to access the whole lot…. but surely, not all at once?! I.e. lookup the info for the one person you need to do a job, not hit ‘download’ and get the whole database?
Identity Cards… I hope you’re not meaning the big database from the Govt, rather, internal ID security for the organisation? To my mind the Govt ID database is one big target for ID theft!