Feeds

back to article ISA report reveals email security lapse

The Independent Safeguarding Authority's first annual report reveals that it sent an email with confidential data to the wrong address. The incident, which occurred in the organisation's first full year of operation, was followed by an investigation which concluded that the lapse was due to human error rather than procedural …

COMMENTS

This topic is closed for new posts.
WTF?

human error rather than procedural failures,

What a crock

A procedure that allows humans to fail, fails

They should have their nuts crushed

0
0
Silver badge
FAIL

"the lapse was due to human error..."

"... rather than procedural failures."

General Buck Turgidson: "Well I don't think it's quite fair to condemn a whole program because of a single slip up" - From Doctor Strangelove (or How I Learned to Stop Worrying and Love the Bomb)

0
0
FAIL

Get your facts right about Soham

Ian Huntley did NOT work at the school of the girls he murdered. His girlfriend worked at the school and that's how he came to know them. Therefore, the fact that he was a school caretaker matters not one bit. This error just helps to propagate anti-paedophile hysteria. I expect better of the Register.

As for the ISA's little 'oops', that's just typical. Wait until they lose the entire database. Any day now...

0
0
Grenade

Insane

> it sent an email with confidential data to the wrong address.

There are 3 problems here:

1) They send confidential data by unencrypted e-mail. Anyone could read it in transit.

2) They send confidential data by e-mail. If you get into the habit of doing this, it's predictable that someone will eventually mistype the e-mail address.

3) They mistyped the e-mail address

> an investigation which concluded that the lapse was due to human error rather than procedural failures

If your procedure involves "human types in e-mail address and gets it right 100% of the time", then your procedures are broken. No-one is perfect, a screwup is inevitable. However, a whitewash "investigation" that blames it all on some minimum-wage clerk is much better than a real investigation that points out the procedure chosen by management is wrong.

0
0
(Written by Reg staff)

Re: Get your facts right about Soham

I don't see where the article says Huntley worked at the girls' school. Besides, it's a syndicated article.

0
0
FAIL

You can't make this up

Damn, I should have placed that bet on how long it would take.

Option request: Allow users to select multiple icons in the same response

0
0
Gold badge
Joke

on the bright side

I don't think the government email system allows GB size attachments, like the whole database.

0
0
Anonymous Coward

Stasi all over again

"From 1 November 2010 it will be mandatory for all people taking new jobs or changing jobs in relevant roles to be registered with the ISA."

And ISA forwards them, "by accident", of course, to employers and police archives.

Yet another layer of Stasi-type of action.

Like commenters earlier said, any, supposedly "safe" , procedure which uses hand-written e-mail addressess, is broken by definition.

0
0
This topic is closed for new posts.