Probably the worst nightmare of the data protection specialist is the idea of a trusted member of the organization loading confidential data onto a home machine that is connected to a P2P file sharing network. These events happen all the time and they are inevitable. The latest incident occurred in Hong Kong.
From the article:
"Hong Kong - A government investigation was underway Friday after it was revealed that confidential files from the Immigration Department had been mistakenly leaked on to the internet.
The list, which contained a list of the names of people for officers to watch, plus travel document information and travel records, has been available on the internet since Monday through a file-sharing programme called "Foxy."
The blunder occurred after a newly-recruited immigration officer working at the Lok Ma Chau border point took home some old classified files to study without authorisation.
His computer contained the "Foxy" programme and when he connected to the internet, the files were distributed without his knowledge."
That information fits most people's definition of "confidential". It brings to mind the trip I took to one of the more distant US States. I met with the IT security folks for the State government. They informed me in no uncertain terms that their security was non-existent. They never expired user credentials when someone left the employ of the State. They had open terminals at DMV offices that anyone could access. It was scary. My next visit was to the police department in the State capital. They informed me that they were completely secure- no issues. On further questioning I learned that they felt this way because they had a single connection to the Internet behind a firewall protecting their web server. The only other network they were connected to (without a firewall) was the State's! I also learned that officers kept the contact database of undercover police on their desktops which contained real names and home addresses. Talk about life and death data. Imagine if that data leaked onto a peer to peer network.
Latest software headlines from Network World:
At 10, Google reiterates commitment to CIOs
As Google turns 10, enterprise success in question
Zoho adds Google Docs-like file management
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
