Sunday 2 November 2008

Curse of the memory stick strikes again

(By Richard Holway) On Friday we had a meeting with Keith Wilman who heads Atos Origin in the UK. He seemed very chipper and gave no indication that news of yet another memory stick loss, this time involving his company, was just about to break in the Mail on Sunday. See Tax website shut down as memory stick with secret personal data of 12m is found in pub car park. The loss has resulted in the Dept of Work and Pensions’ Gateway service being closed down. Atos Origin has accepted responsibility for the completely unauthorised actions of an employee.

Gordon Brown told ITV News that this was completely unacceptable, and warned that the company would be punished. “I think that the company responsible has accepted responsibility and it is a private company. I think action will be taken by the Department of Work and Pensions. It’s not acceptable behaviour,” Brown said that Atos Origin could expect “changes to the contract.”

The loss comes on the back of too many other examples of data security breaches. The last one involving PA Consulting - my post 22nd Aug PA Consulting in the news for all the wrong reasons. But if HM Government punishes every supplier involved in such incidents, there will be no suppliers left. In this case the data on the memory stick was encoded. But the low cost and small physical size of these memory sticks makes their loss inevitable. Even banning their use around any sensitive project is unlikely to be truly effective without airport style security at every exit.

I do not wish to make light of these breaches, but I am unaware of any actual damage caused by such breaches – other than to the population’s confidence in IT systems.

No comments: