Deloitte flags risks of UK child database
No such thing as a secure database
Posted in Public Sector, 22nd February 2008 09:32 GMT
Free whitepaper – The Dell Management Console and ITIL
A security review by Deloitte of one of the UK government's child databases - ContactPoint, which will contain an entry for every English child under 18 - has found it is generally secure. With some provisos.
Deloitte makes a timely reminder to a government convinced that securing databases is simply a technical problem: "Risk can only be managed not eliminated, and therefore there will always be a risk of data security incidents occurring."
More positively, the review found information security had "been ingrained" within people, processes, policy development, requirements definition and architecture.
But there were some concerns.
Deloitte recomends more control over access to data by administrators and programmers.
That processes are defined for the safe destruction of physical and electronic media and that clear security advice is given to all helpdesk staff on the production system.
Kevin Brennan, the under-secretary of state for children, young people and families, accepted the report's findings and said the government "will address them". ®

Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Analyst Keynote: The Register Agile Data Center Summit

Dirty, dirty PCs: The X-rated picture guide
Top 500 supers - rise of the Linux quad-cores
Early adopters bloodied by Ubuntu's Karmic Koala
Sign up, sign up for The Register IT security newsletter