The Register® — Biting the hand that feeds IT

Pupil database claimed to be breach-free

A government minister has claimed a clean record on security breaches for the National Pupil Database. Baroness Morgan, under-secretary of state at the Department for Children, Schools and Families, said the stringent security procedures around the database have prevented any breaches since it was set up in 2002. Access is …

This topic is closed for new posts.

ContactPoint(spit!)

So they've kept this one secure by restricting access to seven people. Contrast this to ContactPoint, where 300,000 people and the dog have access?

Apparently on ContactPoint some children have multiple entries with different addresses, so it's not exactly a clean database anyway.

FAIL

Surely...

"A government minister has claimed a clean record on security breaches for the National Pupil Database. However, we have no evidence on undetected breaches for obvious reasons."

Coat

Red rag to a bull

Anyone else think that this will be like one of the hacking contests run by suppliers of supposed bullet-proof systems?

Anonymous Coward
Headmaster

Retention policy, what's that????

"In response to a question about how long information is held on the database, Morgan said a retention policy, including archiving data with National Archives, is currently being developed."

That will be standard government retention policy then, keep it forever. But it will stop someone using your identity to steal free school dinners when you are dead.

Anonymous Coward
Gates Horns

Grandiose claim?

Red rag meet bull.

She'll regret gobbing off about that.

Troll

typo

"Baroness Morgan, under-secretary of state at the Department for Children, Schools and Families, said the stringent security procedures around the database have prevented any breaches since it was set up in 2002."

should read

Baroness Morgan, under-secretary of state at the Department for Children, Schools and Families, said the stringent security procedures around the database have prevented any use since it was set up in 2002.

FAIL

retention?

So, let me get this straight. The database has been running for around eight years and they haven't yet got a data retention policy?

national archives

Next obvious question - when was the last NA breach?

Note that I did not ask if there had been a breach - given the UK record on leaks^Wbreaches I assume it must happen at least annually unless told otherwise...

Jacqui

Might as well paint a target on it

Isn't this just asking for trouble? Only the most technologically clueless among us would even think that software's secure, let alone say it out loud, let alone be quoted saying so. What he really meant was that there haven't been any breaches of security _yet_.

Now that the challenge has been issued I would guess that it's only a matter of time before someone has a poke at this database. Whether that first attempt does break it, or whether it takes 50 tries, there can be no doubt that someone, somehow will find a hole. Whether we'll get the same level of publicity from our overlords and masters then, is anybody's guess.

Paris Hilton

Known Breaches...

surely...

PH - as smart as politicians.

Anonymous Coward
Grenade

Bog standard government tripe.

``Lookit here, we haven't bolloxed it up (yet), and we're within the law (what there is of it) so it's perfectly alright. Retention? Vital other details? Er, we're working on it (we're making it up as we go along).''

No retention policy in place after eight years makes me wonder what else they don't have. Do they track who accesses what, and if not, how can these claims, that only duly appointed personnel have access, possibly be believably backed? And if so, how about retaining those access logs? Who says the law guarantees there's no rotten apples in the user base? What happens when a breach does occur? Put any thought into that, you bog standard government muppets? I could go on, but there's no point, really.

This sort of thing is important, but despite aeons of record keeping, very little thought has gone into the meta-details. And those who should aren't thinking about it now. That's not just silly politicians, but you and me, too. So until we come up with a consensus on how these details must be handled, we can't really blame any government. I for me know very well what I want, but do you? Yes, you, dear fellow commentard.

Thumb Down

List of personnel cleared for pupil database

You and me, Darling, obviously. Field Marshal Haig, Field Marshal Haig's wife, all Field Marshal Haig's wife's friends, their families, their families' servants, their families' servants' tennis partners, and some chap I bumped into in the mess the other day called Bernard.

I am not inspired with confidence. Pessimist? You betcha.

So no-one can use it then?

Given that there will probably be a router with a huge backdoor on it somewhere between the client and server I think to say it's even vaguely secure is a downright lie.

WTF?

Eh?

It was established in 2002 and the retention policy is not developed yet? Comforting.

FAIL

I know how this goes.

BM: We have not found any leaks

Me: How hard and often did you look?

BM: No need, we have mechanisms in place for stakeholders to report any leaks.

Me: So you don't look?

BM: As I said, we have stringent policies in place to gather this sort of intelligence.

Me: But you don't actually, y'know, LOOK; do you?

BM: I have already answered that question on more than one occasion.

Me: Fine then. How about running simulated attacks. Y'know, test your own defences.

BM: That would be in contravention of our stringent, industry leading policies and a complete waste of taxpayers' money as we have no leaks.

Me: But how do you know?

BM: None have been reported.

Me: Oh ffs.....

Happy

Impressive

... 8 years, no breaches. One wonders how useful a database accessible by only 7 people in the entire country is though.

One also wonders why the data retention policy is STILL being developed after 8 years. Clearly no hurry - better to hold on to everything.

Anonymous Coward
Joke

Wonder what

Little Bobby Tables' mother has to say about that

Big Brother

No breaches detected....

Is not the same as all breaches prevented.

In any case, government's new obsession with information security is rather beside the point.

Why is the DCSF collecting this information about individuals in the first place? And how is it using it, notionally legitimately? Who does it share it with without breaches of procedure?

Those are things we should be worrying about, not accepting the misdirection in its request for a pat on the back for not losing records it shouldn't have in the first place. I'm sure the Stasi never allowed anyone unauthorised to look at its files before 1989.

WTF?

Retention policy "Being developed"

After it's been running for 8 *years*.

Let me guess. We'll archive the data when they leave.

To the NIR.

Anonymous Coward

running for 8 years??? LOL

they should upgrade the server ASAP otherwise it has a lot of holes... whatever spreadsheet they use as DB till now... :)

anyway good for me...hope UK.GOV invest in more DBs... it would mean more working options to consider :)

Anonymous Coward

Call me old fashioned but

Why is it news that a govt dept has NOT screwed up, has done its job and allegedly hasn't given data to unauthorised parties?

Not much to crow about

Well if the database isn't on a network then it relies on physical security and the honesty of those authorised to access it. Not a big deal really. It could just as easily be a filing cabinet.

It's when you start putting data online or on a portable device or storage medium that you really have security issues.

Anonymous Coward

Oh dear....

It ain't what you don't know that causes problems ... it's what you do know that ain't so....

Anonymous Coward
FAIL

Attempts?

Would be more comforting to be told 0 breaches detected, >0 attempted breaches detected and prevented.

Anonymous Coward

Dogs

300,000 people and the dog?

Don't you mean, 300,000 dogs?

Anonymous Coward

Retention requirements

The database goes live without a retention and archive policy. How convenient.

What a great way to get this past any discussion in Parliament and the public.

These fundamental requirements should be that, form part of the requirements *before* the system is even developed, let alone go live.

Now, they can implement any retention policy they like and there won't be any opportunity for the public or government to discuss it.

Now is that deliberate or what?

Anonymous Coward
Stop

Retention

I bet they do have a retention policy, it's an infinite retention period.

Now of course, they can't have that as an official policy as there would be huge public outcry. So what to do? Let's not have an official retention policy, in that way, we can keep the data year on year because we haven't decided how to handle it. And we won't decide how to handle it, that's not in our interests.

You think this is an accident? I think not.

Unencouraging precedents

"We have not found any leaks".

They didn't find Burgess, Maclean, Philby, Blunt, etc. either. Not until it was far, far too late.

Anonymous Coward
WTF?

WTF....no consent & parents not informed!!!

I have no idea of the accuracy of the below.... but if this is true I am staggered....

http://www.arch-ed.org/issues/databases/school.htm

1. SCHOOL CENSUS and NATIONAL PUPIL DATABASE

The 1996 Education Act (s537) empowered the government to collect information about pupils directly from schools; however, this specifically could not include the name of any pupil. Since then, a series of amendments and regulations has changed that situation to enable, since 2000, a regular ‘pupil level’ (ie. individual) census of every pupil in a state-maintained school. The range of information collected has also increased incrementally, and currently more than 40 individual-level data items are collected.

Because the legislation says that schools must supply the data (a ‘statutory duty’ - which provides an exception to certain requirements of the Data Protection Act) parents and children are not asked for consent, nor informed that it is taking place. Once collected, the information is held on the National Pupil Database (NPD) and at the moment is principally used statistically or for research. LEAs can also obtain information that relates to pupils in their area.

Capita, who carry out the census on behalf of the DfES, takes information directly from each school’s system on the dates prescribed by DfES. Until 2006, the census was held annually, but it is now termly, and collects more than 40 separate data items on each pupil.

The census has been extended to include nurseries, playgroups and childminders. Those without Management Information Systems give the data directly to the local authority.

More information is available on Teachernet

Is this one end security without end to end security?

So only seven people have access, which I do not believe unless those seven are also able to carry out every aspect of the s/w and h/w maintenance, but that completely neglects diversion of the information before it even reaches the database. How many people at Capita have the opportunity to siphon it off? How is it guaranteed that all copies are irrecoverably deleted from Capita's systems? How is that information transferred along the daisy chain?

Anonymous Coward
Happy

Sleaze......maybe?

After a little more Googling (well, actually not very much....just putting her name in the search box is good enough to find this)...I found this article about Baroness Morgan which may amuse you.

http://www.timesonline.co.uk/tol/news/politics/article6841374.ece

Big Brother

Usual Gov't drivel...

"Access is confined to a team of seven staff at the department's Darlington office, and they disclose information only to prescribed people for purposes defined by the relevant regulations."

How many "prescribed people"?

Who are they?

What are the "purposes defined by the relevant regulations"?

What are the "relevant regulations"?

Without the answer to THESE questions, it's just a meaningless, patronising, pointless piece of government-speak. In other words, complete bollocks.

Politics - the art of replying to a question without answering it - and more latterly, whilst keeping one's snout firmly in the trough and indulging one's megalomanic ego.

A pox on the lot of 'em!
