[ISN] Missing MOD disks did not need to be encrypted, says EDS

From: InfoSec News <alerts_at_private>
Date: Thu, 16 Oct 2008 03:10:05 -0500 (CDT)
http://www.computerweekly.com/Articles/2008/10/14/232662/missing-mod-disks-did-not-need-to-be-encrypted-says.htm

By Tony Collins
Computer Weekly
14 Oct 2008

A lost MOD hard drive, which contained the personal details of members 
of the armed forces, did not have to be encrypted under Ministry of 
Defence procedures because it was held in secure premises, it has 
emerged.

The drive could contain data on 100,000 members of the armed forces, and 
600,000 potential recruits, according to reports.

Rob Fry, head of EDS Defence, told BBC Radio 5's Drive programme, "The 
hard drive was not encrypted but neither did it need to be, in terms of 
the protocols to which we and the Ministry of Defence work, when it sits 
inside a secure site."

The BBC also interviewed a Computer Weekly journalist, about the 
implications of the missing hard drive.

EDS reported the loss of the disk last wednesday, but it is not known 
when the drive disappeared.

The Ministry of Defence said in a statement that the hard drive may yet 
turn up at another secure site. It has conceded that the personal 
information of members of the armed forces might have been "compromised" 
by the loss of data on the drive.

The 1TB portable hard drive went missing from a secure EDS site at Hook 
in Surrey.

[...]


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/
Received on Thu Oct 16 2008 - 01:10:05 PDT

This archive was generated by hypermail 2.2.0 : Thu Oct 16 2008 - 01:23:35 PDT