A step in the right direction
I was reading this today and unlike the critics in the article, I actually know a few things about enormous government databases. After all, I do work for one.
'Mixing up' the data does not make it 'less secure' like the No2ID spokesperson suggests*. Lax security protocols and bad programming make data less secure. I don't think it's a u-turn either, someone has had the guts to point out the glaringly obvious that similar databases already exist and can easily be adapted.
It would have made for a better report if the BBC had put in a comment from someone in the I.T. industry (e.g. a University lecturer or someone who's written a book) rather than the opinions of a bunch of opposition M.P.s and a spokesperson from a lobby group campaigning against the ID card plan. They're all paid to criticise it so it's hardly surprising that they have.
Anyone within the I.T. industry would tell you that the successful implimentation of a large computer system can only be obtained by tackling risk head on. By using existing infrastructure / systems architecture, much risk has been reduced already.
By removing the requirement for volatile data (address information changes frequently and serves little benefit), the risk could be reduced further.
All in all I would say well done to the government for actually listening to the experts (well, consultants anyway) and making an informed decision.
However the biggest sticking point has still been ignored:
Who is going to put the data on the system?
If it's all done by a bunch of agency temps recruited from who-knows-where then the integrity of the data will be non-existent.
Each user must conform to security standards set by the government and the government needs to make us aware of these standards and how they plan to measure compliance.
It's doubtful that the government will oversee the recruitment and vetting of all the people required for the initial data entry stage of the project so they need to have 'quality assurance' from whoever does.
Given the value and volume of this data, failing to rectify this issue could still bring the project down to it's knees.
* If No2ID want to make a bit more headway in stopping the implementation of a large computer system, it might help their cause if they get some expert advice rather than sprouting out bullshit. Convergence happens all the time in the I.T. industry. WTF do they think the internet is? Mind you they might improve their chances if they have a wash and stop smoking weed!
0 Comments:
Post a Comment
<< Home