I haven't played with PGP security, but I've been told it's not terribly difficult to use. It's absolutely ridiculous to be storing such sensitive data completely unencrypted when there's so many options. That's like someone refusing to lock the doors because 'key technology is too much bother to learn'.
There's not a facepalm meme image big enough for something like the NASA situation.
"So why should they be punished for mistakes they haven't made on purpose?"
OpenSSH is freely available and used in the private sector all the time. Many of the insurance and financial companies I deal with require it for personal data transfers. Government entities should be exempt? I don't think so.
The encryption does take a little time, but not appreciably more than tarring or zipping the files for transfer. If you deal with personal data, these are avoidable mistakes and they can be ruinous to many people. Would you say somebody who runs over another person with a car, by mistake, shouldn't be held responsible?
Having worked in aerospace a number of years ago, it is very true that NASA and the Government do extensive checks for security clearance. Having recognized the value of security, one would think that it would extend to the safeguarding of data! Your article should be shared with all State/Federal agencies.
The loose security we provide for data needs to end. Your recommendation of standards for encryption would go a long way to managing that data effectively.
I'd need to look the story up, but I think there were issues with data retention. Certainly, the wholesale removal of hard drives by a Governor's staff was unprecedented.
Actually, that is a state law that allows that to happen.
The practice continues to this day whenever someone leaves a state post. The woman lab worker under investigation for tampering with case evidence at the state crime lab was allowed to take her hard drive when she resigned.
Even as the criminal investigation into her activities continues.
I know we don't really have Mitt Romney to kick around any more, but I guess nobody ever was held accountable in Massachusetts for that extraordinary incident where Romney staff members were allowed to "buy" their hard drives from the Massachusetts government, and then destroy them.
Hounhosp, I think pushing for all data to be encrypted is going to run into cost issues. But it shouldn't be difficult to define sets of data which require encryption. One would hope that classified data is encrypted by federal agencies already. Data like social security numbers, password records, credit card information, and -- yes -- HR records, should be encrypted too.
Doubtless there are mountains of data which are not sensitive at all.
I've heard that story as well. I wonder how the pigeons where able to reach their intended destination. I hope not all of them ended their journey into a chimney. :D
But the way the laws are written companies in the private sector are Punished. Companies and individuals responsible that make honest mistakes are fined, can be sued and can be jailed.
The sad part is, from what I have seen, when a data breach happens in the government it is almost always negligence that led to it. Rookie mistakes being made by people who should know better. Largely because they do sloppy work with no compliance pressure to keep them focused.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Social media has been with us for a decade -- but employer policies and the law are anything but firm about the most appropriate usage of this powerful tool.
Businesses often struggle to decide which domain to use. When it comes to purchasing a domain name, you have plenty of extensions to choose from, ranging from .com and .net, to .me, and even .mobi. But which one should you pick?
I've been writing about how the next evolution of the Internet might just be an advertising revolution, and how corporate IT can stay involved as the enablers and providers of the technologies that make this possible.
In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The automotive website uses propensity modeling to target ads and customer registration forms, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
