* Posts by Severus

6 posts • joined 8 Aug 2017

NHS supplier that holds 40 million UK patient records: AWS is our new cloud-based platform

Severus

Shifting patient records to the cloud requires approval from NHS Digital

This would be the same NHS digital that presided over the Wannacry Clusterphuq that affected 45 NHS organisations including at least 81 out of 236 trusts across England plus a further 603 primary care and other NHS organisations including 595 GP practices would it? Well they obviously couldn't find their own @rses with both hands and a mirror on a stick, so should NOT be making this decision, the security services should be responsible for ensuring the data is secure. As it stands I may as well put my own health records up for sale and get a couple of quid for them because sure as the sun sets in the evening these records WILL be compromised and sold to the highest bidder.

If Shadow Home Sec Diane Abbott can be reeled in by phishers, truly no one is safe

Severus

Re: Eh?

Nurse, nurse Sed Gawk is out of bed again!

HSBC now stands for Hapless Security, Became Compromised: Thousands of customer files snatched by crims

Severus

There's no excuse...

It's unforgivable that banks do not enforce two factor authentication when customers access their services comprising something the customer has (e.g. mobile phone / token / card reader) and something the customer knows (e.g. password / PIN) so that even if one factor is compromised the customer is still protected.

It's also unforgivable that the fines levied by the financial authorities on companies that lose customer data are simply kept by those authorities rather than re-invested in those companies to fix the security problems that allowed those companies to lose the data in the first place. The bigger the data loss = the bigger the fine = the bigger the investment in fixing it.

Windows Server 2008 SP2 gets new support model

Severus

LOL Chris, had some bad experiences here have we? You and me both!

Cyber arm of UK spy agency left without PGP for four months

Severus

Ever heard of the precautionary principle?

Of course the Chinese are spying on us, they are our enemies! Why don't GCHQ start with the precautionary principle? The principle implies that there is a social responsibility to protect the public from exposure to harm, when there is insufficient evidence to show that something is safe. These protections can be relaxed only if further scientific findings emerge that provide sound evidence that no harm will result.

NotBeingPetya: UK critical infrastructure firms face huge fines for lax security

Severus

Rank Hypocrisy

The biggest UK victim of the WannaCry outbreak was the NHS, when last I heard the NHS was a Government Department so the Governments first task should be punishing itself for not complying with its own rules. Ah, but the reason for non-compliance was under-investment in IT by...you guessed it, the Government. So the government intends to punish itself for not complying with its own rules by fining itself a substantial sum which will leave itself with even less budget to spend on the deficient IT systems that caused the problems in the first place. This will make them more vulnerable to future attacks which will result in even heftier fines leaving them with less cash to fix the problems making them more vulnerable.......................

Biting the hand that feeds IT © 1998–2018