SaaS data loss: The problem you didn’t know you had

A system to link a secure communications network used by UK intelligence agencies with other government departments and posts overseas has finally swung into operation, two years later than originally expected.

The slow progress of the SCOPE project drew a rebuke in the annual Parliamentary Intelligence and Security Committee report, published on Wednesday.

Originally forecast for April 2005, the SCOPE Service Operations Centre (SOC) went operational with links to HMRC, the Serious and Organised Crime Agency, the Home Office and Department of Trade and Industry in October 2007. The parliamentary committee reports that establishing the secure link has allowed SOCA to drastically reduce the time it takes to "process requests" for information from 12 hours to 15 minutes. Agencies behind the project have maintained their support despite the delays.

"Other departments also report enjoying finally being connected to the secure intelligence network and being able to communicate highly classified information directly and efficiently with the Agencies, FCO, MoD, Cabinet Office and other users," the report explains.

By comparison, the UK's government's established Government Secure Intranet allows Whitehall departments to exchange less sensitive material than facilitated by SCOPE. However, the Intelligence and Security Committee report reveals that SCOPE has already experienced problems with data loss.

"Earlier this year, the Centre suffered a 'serious process failure' which resulted in the loss of some operational data. Although an independent review was held immediately after the incident and the conclusions of that review are currently being implemented, we remain concerned at the serious implications of such a failure were it to occur again," the committee reports.

What the operational data involved or how it was lost is left unexplained.

The annual Intelligence and Security Committee report provides a rare insight into the normally secret world of Britain's intelligence agencies. Much of the report focuses on problems caused by a lack of manpower.

This has led to a focus on counter-terrorism priorities to the possible detriment of other work. The Scope network is also understaffed. The manpower shortage has led to an influx of IT contractors and project consultants at MI5, something the agency itself is uncomfortable with.

Other strands in the report cover the difficulties faced by signals intelligence agency GCHQ in monitoring IP communications and concerns about the breakdown of the DA-notice system, which is designed to give media outlets voluntary guidance about the national security implications of publishing sensitive stories.

The report also records that UK intelligence agencies remain opposed to the idea of allowing the use of intercept evidence in court, a practice common in other countries but one UK spooks reckon will give the bad guys an advantage in working out the strengths and weaknesses of current techniques. ®

Agentless Backup is Not a Myth