BEAR ALLEY BOOKS

BEAR ALLEY BOOKS
Click on the above pic to visit our sister site Bear Alley Books

Monday, July 21, 2008

Hands up who wants one?

Having something of a black sense of humour but I can't help laughing at the juxtoposition of this story from today's Guardian and the advert next to it. "Hands up who wants one?"

You just can't help wondering what kind of morons are running the MoD. You lose a laptop or two and that's unfortunate. Any business would make allowances for the loss: there are people out there who will steal anything that's not nailed down.

But at what point do you increase your security and stop people taking sensitive data off-site? After three laptops have been stolen? Five? Ten? A dozen?

Or maybe you just think that sending out a memo saying: "Don't take laptops with sensitive data on them out of this office" costs more than the laptop. When does it become cost effective? The equivalent of twenty laptops? Thirty? Forty?

Once you get to fifty stolen laptops or seventy-five—oh, hell, let's go for broke and make it a hundred—you'd think that someone would ask the obvious question: are these personal laptops. If the answer is yes, why are you putting sensitive data on them? If the answer is no, why are you taking Government property out of the office? From the wording of the report these do appear to be MoD-owned laptops.

After you've lost one hundred and fifty laptops wouldn't you start asking people not to take them out of the office? And at two hundred wouldn't you tell them not to take them out of the office? At what point do you say: if your laptop contains sensitive data please do not take it out of the office. At two hundred and fifty is your memo more strongly worded (lose the "please")? At three hundred do you write your memo in CAPITAL LETTERS and stop using a smiley at the end?

When do you start firing people for neglect or gross incompetence or just plain idiocy? Four hundred? Five hundred? And the guy in charge... what's he doing about it? Is he resolving the problem? Is he, maybe, so weak in the head that losing five hundred laptops doesn't register as a problem? Is five hundred lost laptops just an inconvenience? How about five hundred and fifty? How about six hundred?

What other place of work would allow six hundred and fifty-nine laptops to be stolen? And we are, surely, talking about losses within the borders of the UK... surely not in combat zones. Would you risk committing sensitive information to a laptop that might fall into enemy hands? Once through overconfidence, maybe twice—but you're dealing in lives here, not property.

So: Hands up, who wants an MoD computer? Seems to me it won't be long before enough have gone missing for us all to have one.

(* Screen grab from The Guardian, posted 20 July 2008, © Guardian News and Media Ltd.)

1 comment:

Ken Davidson said...

I do wonder how many have been 'lost', and how many have been claimed as lost, only to be rehoused in a teenaged son's/daughter's bedroom.

All of these data-protection issues are symptomatic of a computer education system that places emphasis on how to type a letter in Microsoft Word, rather than making people understand what's under the bonnet.

Computers are a long way off from being as user-friendly as household white-goods; but this is precisely how they are treated, and marketed. And we should blame employers who fail to provide adequate training for staff.

So, we get data mismanagement at the very least (incorrect use of servers, duplicated and redundant data, wasteful emails), and data loss at the worst (no backup strategy, equipment abuse, misplaced trust in technology).

Stop me, I'm off on one...