Deloitte flags risks of UK child database
No such thing as a secure database
Posted in Public Sector, 22nd February 2008 09:32 GMT
Join our expert panel in discussing application security
A security review by Deloitte of one of the UK government's child databases - ContactPoint, which will contain an entry for every English child under 18 - has found it is generally secure. With some provisos.
Deloitte makes a timely reminder to a government convinced that securing databases is simply a technical problem: "Risk can only be managed not eliminated, and therefore there will always be a risk of data security incidents occurring."
More positively, the review found information security had "been ingrained" within people, processes, policy development, requirements definition and architecture.
But there were some concerns.
Deloitte recomends more control over access to data by administrators and programmers.
That processes are defined for the safe destruction of physical and electronic media and that clear security advice is given to all helpdesk staff on the production system.
Kevin Brennan, the under-secretary of state for children, young people and families, accepted the report's findings and said the government "will address them". ®


The future of SaaS and IT infrastructure management
The Total Economic Impact of Dell's PC products and services
The best practices guide for application security
Reducing messaging and web security costs with managed services

Win a Samsung C6625!
Is your cameraphone an oxymoron?
Reg Mobile and Wireless newsletter is go! go! go!
Sign up, sign up for The Register IT security newsletter