Monthly Archive April 2012

Increased Monitoring Powers…Big Brother or Reality Check….

I have recently been copied into a number of outraged emails about plans for increased email and web monitoring.  I have also reviewed a number of comments with bemusement….

http://www.bbc.co.uk/news/uk-politics-17580906?postId=112158582#comment_112158582

I must confess, I am rather less concerned by this than many people appear to be.  I acknowledge that there is an interesting philosophical and moral debate to be had, but from a practical point of view I suspect (I haven’t read the proposals in detail) that this will have a positive effect on most law abiding people and has virtually no practical impact on privacy for most.   The greatest adverse impact probably stems from the increased cost that will be borne by the service providers (and by extension their customers).

Unprotected information released onto the internet must already be considered susceptible to illegal interception – but by criminal organizations and individuals who are definitely not motivated by our best interests.  These criminal organizations often protect their own information better than we do and browsing/mail  profiles are often the only way to understand what is going on.

Legislation like this is designed to help us to help those who are paid to protect us to keep these organizations in check.

In addition, we seem to be unconcerned that our browsing and email profiles are used remorselessly by marketing firms (notice how often adverts match your web searching?) but fly into a frenzy when government seeks to put in place legislation to allow access in a highly controlled way.

Rather than venting bile at this sort of initiative, is it not more sensible to work on the safeguards and ensure that we protect our information effectively?   This will mean that no-one will deploy expensive time and resources to access our information without a very good reason.

I note that  whenever there is a terrorist or criminal outrage, the papers are full of people asking why the security services didn’t know what was happening…. The internet is a dangerous, messy place, but it is also closely linked with the real world and can help us protect ourselves here.
There are far greater threats out there than your average civil servant…… let’s keep some perspective!

Managing Director of SRM, Tom F is a regular contributor to the SRM blog.

Global Payments breach

Alarm bells have been ringing and share price dropping at Global Payments Inc. with the news that they have been suspended (removed?) from the Visa Service Provider Register because of an identified breach of credit card data.

Bad news indeed for Global Payments and perhaps a certain amount of alarm within the company responsible for the independent auditing of the PCI Compliance status. This is the nightmare scenario that every auditing company faces with a client who is compliant today but by tomorrow has implemented a change or failed to upgrade or apply a patch without abiding by basic security rules.

Another persuasive factor for the auditor and client to work in partnership to increase security thereby facilitating compliance.

SRM’s Operations & Finance Director, Brian F is a regular contributor to the SRM Blog.

SRM Blog

SRM Blog