So why were 25 million people’s identities sent on CD (unencrypted)?


I read with great concern this week the situation that occurred where the UK Government accidentally lost CDs containing 25 million UK citizens’ details.

On October 18, CDs carrying the personal details of every Child Benefit claimant were sent to the National Audit Office by a junior member of HMRC. HM Revenue & Customs (HMRC) is responsible in the UK for collecting the bulk of tax revenue, as well as paying Tax Credits and Child Benefits.

What concerns me most is that the data was sent unencrypted… I struggle with this particularly because whenever I’m talking with Government organisations from a mobile perspective they obsess around the need for massive levels of security.

This situation does underline two of the key factors I’ve been talking about for many years in respect of security:

1) Security should be there to manage the risk – not to make life hard for the person using the solution/service.  If you make it really hard to do things – you will have smart people who will find ways around them.  This is demonstrated in this exact example where a junior member of staff sent it via CD as it was probably easier to do so than working with the huge security measures probably in place.

2) No matter what security Technology you have in place – People and Process must also be considered.

It is very scary though that such critical data has been lost in this way!

I’m sure this example will be in every Security Presentation for the next year 🙂


Comments (6)
  1. Ross Dargan says:

    I thought they were encrypted? ("Two password-protected CDs containing the child benefit information were sent unrecorded and unregistered by a junior HMRC official through courier TNT to the National Audit Office on 18 October but never arrived and have not been found." from http://www.silicon.com/publicsector/0,3800010403,39169217,00.htm)

    I think the key issue was that as long as you can remove data from a system then you need to have strict protocols governing what you can do with that data, and how it must be done.

    Technology I feel is just part of the solution (and if that data was indeed encrypted I’m not convinced much else could reasonably be done from a technology POV).

    Ross

  2. Casey says:

    Password protected != encrypted

  3. Guy Gregory says:

    password protected != encrypted

    Sometimes a password is just there to slow attackers down. Good example: My Windows Mobile device has password protection, but the data on it isn’t encrypted.

    I do agree that it’s an important point though. Was encryption used? What type? HMRC should clarify this. It makes a HUGE difference.

  4. Ross Dargan says:

    true true – but normally on a CD or other media it does mean the same thing.

  5. MSDNArchive says:

    The difference with the password protection on your device, though, is that on your Windows Mobile device you only have a certain number of attempts before the device is wiped.
