The Channel Can Help Prevent Data Loss

Advice 2009-10-28 11:13
Tim Holyoake, Lead Technologist at Software

Tim Holyoake, lead technologist at Software AG looks at the increasingly febrile atmosphere surrounding the well published instances of data loos from government organisations on CDs and memory sticks.

In the increasingly febrile atmosphere surrounding the well publicised instances of data loss from government organisations on CDs and memory sticks, one question is not receiving the attention it deserves - why is removable media being used as a transport mechanism for this type of data in the first place?
In the increasingly febrile atmosphere surrounding the well publicised instances of data loss from government organisations on CDs and memory sticks, one question is not receiving the attention it deserves - why is removable media being used as a transport mechanism for this type of data in the first place?
 
And, of course, it’s not just the high-tech ways of losing data that we need to be concerned about – for example, Richard Jackson was recently fined £2,500 by the courts after leaving top secret paper documents on a train on his way to work on June 10.
Government
UK Government networks have been steadily extending their reach over the last few years. Most, if not all central government departments and their agencies are connected through the Government Secure Intranet (GSi), there is the police national network (PNN), N3 within the NHS and Government Connect, through the GCSx, is steadily rolling out trusted connectivity for local authorities. As far as I am aware, not one of the well publicised instances of data loss in the public sector has been due to a breach of security within a trusted network of computers. Rather, every single reported breach has been due to the often unauthorised, hapless stumbling of individuals losing papers or removable media – either directly through their own actions or through misplaced trust in courier firms.
 
Now, of course, it is rather easier to blame technology than our own failings when scandals of this kind happen. As comforting as blaming 'the computer' may be, the opposite reaction is required. We need to embrace appropriate technologies to help us overcome our human failings. What I am suggesting is that Government should not retreat from the role that the right technologies have to play in ensuring the data security of all of us. The alternative approach of confiscating all computers and electronic filing systems from public officials (as a fascinating ‘green ink’ letter to the Metro newspaper written earlier on this year by one Sarah Gossett suggested) is just patent nonsense. What is needed is the consistent application of technology, like secure and private networks, to enable and embed safer ways of working within the culture of our public sector organisations.
 
Rephrasing my original point, probably the most important question everyone needs to ask is why the investment Government has made in networking not being better used?
 
This question is important and gets to the heart of the matter. If it is possible to eliminate all or the majority of the transportation of sensitive information by paper, CD or memory stick, then perhaps we can all sleep more easily knowing that our data is not going to be left in the nearest pub car park, the 6.15 from Brighton or that sensitive information burnt onto a CD will not be used as a drinks mat in the boss' office.
 
Fortunately, as well as the investment in the physical networks, Government has also invested in methods of reliably and securely delivering data over them – both in human readable forms through electronic messaging and, more importantly, in system to system interoperability and integration. It is the ability to reliably deliver information that is key – it is essential that when I send a package of information I can be certain the intended recipient will get it, be able to acknowledge that they have received it and for that transaction to be capable of audit.
Transmission
One of the most widely used forms of reliable system to system messaging is that supported through the Government Gateway Transaction Engine and DIS (Departmental Interface Server) technologies. The Transaction Engine is available for all of the public sector to use and is deployed within existing Government networks and the market for DIS devices is highly competitive (reducing implementation costs). The use of electronic data transmission through such networks and infrastructure makes the transfer of information between arms of Government safer.
 
Such an approach to data transmission has the capability now to make paper documents, CDs and memory sticks redundant for such sensitive data transfers. And from the work we’ve done at Software AG, we know that similar solutions have the ability to eliminate the need for the use of removable media in transactions between Government and private sector organisations too.
 
To address the problem of secure data transmission in Government successfully, we need the focus to be turned away from fire-fighting each individual instance of data loss and onto ensuring that the investments in Government networks and associated reliable electronic messaging that have been made over the last few years are properly employed to eliminate errors of this type at source.
 

Tags:
Storage
Storage
data loss
Tim Holyaoke
Software AG

Related Articles

The Rise of the SuperVAD
Exclusive Networks' Barrie Desmond explains the concept of the 'SuperVAD' - and why he thinks resellers should harness its power
Ingram Micro seeks ‘cloud VAD’ status
Ingram Micro: “exploding notion of what people expect from a distributor”
de Rojas takes the reins at CA
CA Technologies Names Jacqueline de Rojas as VP and general manager, UK and Ireland