* Posts by Halfmad

561 posts • joined 16 Jan 2013

Nicked unencrypted PC with 6,000 bank details lands council fat fine

Halfmad

Re: What does the ICO do with the money?

Agreed, although those frameworks have to be kept up to date, which many aren't; otherwise you end up having to take an out-of-date product at an inflated price. Frameworks aren't the answer and certainly aren't an excuse, especially when they could have used free products to encrypt these laptops.

Halfmad

Yet nobody will be fired..

The problem with these fines is that organisations pay up and there's no long-term change in attitude. Sure, they'll do something in the short term as people try to cover their own backs, but there's no fundamental shift in attitudes to IT and information security as the same managers, who usually have it as a very low priority, remain in post.

The head of their IT department should be sacked for poor IT strategy and management, the manager of the offices where the laptops were stolen due to the poor physical security (regardless of encryption) should also find their job on the line. The role of their IT security staff should also be checked to see if it's advisory (as many are) and whether those staff need extra backing from the senior management team - which is lacking in most organisations.

Until people know that their jobs are genuinely at risk for this sort of breach they'll never put the necessary importance on IT/info security.

Hardware hacker unifies 15 retro consoles in format frenzy

Halfmad

Work of genius, but it's a shame that he only put a 1M cable on the controller..

Samsung vs Apple: which smartphone do Reg readers prefer?

Halfmad

None, I can't explain why but I prefer having a bog standard mobile and using a tablet with 3G to lugging around a smartphone. I don't want my e-mail 24/7 and frankly don't like Facebook etc enough to give a damn if I miss someone's latest pointless post.

Nexus 7 with 3G on Samba Mobile (free 3G) and I'm happy to use it when I need it, without constantly being pestered by daft push messages. People know if they need me they have to call, not e-mail.

DropBox adds single sign-on

Halfmad

I don't trust Dropbox with anything personal which is even vaguely important due to their track record, why on earth would I suggest or approve using it in a corporate environment? It's laughable.

They have to allow us to set the encryption keys and take any access away from their own employees before I'd even consider it. Let's not mention SLAs or where the data is hosted though..

ANCIENT CURSED RING known to TOLKIEN goes on display

Halfmad

I didn't think the Black Speech of Mordor was Elvish, or has The Reg got a source somewhere that says it is? It was made by Sauron and he certainly wasn't an Elf.

Scottish uni slams on the Accelerator to boost UK boffinry

Halfmad

If they fail can I have it as a Minecraft server?

UK doesn't have the SKILLS to save itself from cyber threats

Halfmad

Re: We do have the skills

IT security is an afterthought for most companies and although they have policies in place to allegedly keep employees in line it's rarely acted upon if they don't and most of it is lip service. The simple truth is that we need companies to start hiring IT security staff and backing it up with decisive action from HR departments when something is uncovered.

It's ironic that you can be fired for stealing from your employer if what you've stolen is physical but far fewer people are fired for data theft or losing valuable/damaging data and even fewer are reported to the police or ICO.

We have the skills in the UK, we just need companies and government organisations to start taking it seriously and giving departments with IT security staff in them some real power to make the changes necessary.

Rotund Mega baron Dotcom offers bounty for breaking his crypto

Halfmad

I've no interest in his site, but his approach to PR and dealing with news agencies is rather unique and for that I applaud him!

BT to end traffic throttling - claims capacity is FAT

Halfmad

Unlimited for how long?

BT have a habit of changing T&Cs at short notice or with little consultation, "free" web space was recently removed from all home users, but that's dented my confidence in using any of their free storage they now apparently offer, not that they're interested in telling me as I'm an existing user.

As customers of BT Vision will be aware, what they say and what they do are entirely different. Just check out the "new" section on any of the on demand services, some of the products there have been "new" for a year.

Until March when Superfast broadband is available and they won't see me for dust.

Here we go again: New NHS patient database plan sets off alarm bells

Halfmad

NHS trusts and councils tend to appear on the ICO because they self-report to the ICO far, far more often than private companies especially when something very bad happens.

Doesn't mean they are any better or worse at handling data.
