Unhappy medium for sensitive data transfer
Organisations no longer need removable media or paper documents to transfer files, claims Tim Holyoake
Holyoake: Who needs removable media?
In the overheated atmosphere around recent instances of government data loss via CDs and memory sticks, one question has not been well answered.
Why are removable media being used to transport this type of data in the first place?
As far as I am aware, not one of the well-publicised instances of data loss in the public sector was a breach of security within a trusted network of computers.
They were due to individuals losing papers or removable media – either themselves or through misplaced trust in courier firms.
We need to embrace appropriate technologies that help us overcome our human failings. The right technologies can ensure everyone's data security.
If it is possible to stop the transportation of sensitive information by paper, CD or memory stick, data may not be readily left in the nearest pub car park or on the 6.15 from Brighton.
Sensitive information will not be sitting on a CD that is then used as a drinks mat in the boss’s office.
Fortunately, government bodies have also invested in methods of reliably and securely delivering data over networks. When I send a package of information, I must be certain the intended recipient will get it.
They should be able to acknowledge they have received it and that transaction should result in an auditable trail.
The Government Gateway Transaction Engine and Departmental Interface Server (DIS) technologies are reliable forms of system-to-system messaging.
The transaction engine is deployed within existing government networks and the market for DIS devices is highly competitive – reducing implementation costs.
Electronic data transmission through such networks and infrastructure makes the transfer of information around public sector departments and organisations more secure.
And it means that paper documents, CDs and memory sticks are no longer needed for such sensitive data transfers.
We believe that similar solutions may eliminate the need for the use of removable media in transactions between government and private sector organisations too.
We need the focus to move away from fire-fighting each individual instance of data loss towards ensuring that government networks and associated messaging investments are properly employed to eliminate errors of this type at source.
Tim Holyoake is lead technologist at Software AG