75 percent of UK Military data at security theft risk

January 14th, 2009 - 4:43 pm ICT by ANI  

London, Jan 14 (ANI): Almost 75 percent of the UK Ministry of Defence’’s IT systems are not up to the mark with regard to the Government’’s own standards for data security, a Whitehall audit has revealed.

It was found that the systems in the Ministry that do not meet Cabinet Office standards also include those holding military secrets and sensitive personal data.

Last year, a Whitehall review enlisted minimum standards for data handling by Government departments after the loss of 25 million child benefit records in 2007.

Orders were passed for the ministries to establish common standards to limit officials” ability to remove data on portable storage devices like disks and laptops.

They were also asked to make sure that any data on such devices is properly encrypted and password-protected.

The MoD told Shailesh Vara, a Tory frontbencher, that a review of its compliance found that only 27 per cent of IT systems meet the new data-security standards.

And almost 31 per cent of systems have “conditional or interim” accreditation to Whitehall standards.

“Given the Mod poor track record in keeping info safe it is extraordinary that it still has nearly 3 quarters of its IT systems not properly accredited, The Telegraph quoted Vara as saying.

He added: “We are dealing with very sensitive and important data and it is simply unacceptable that there is still so much information which is at risk.”

The MoD revealed that it had only assessed 58 per cent of several hundred-computer systems it uses.

And it said that they are working towards assessing and protecting the rest, referring to its “significant workload undertaken to plan and develop solutions for new equipment systems or platforms.”

Last summer, the MoD confirmed that its staff had lost a large number of portable USB memory sticks, some containing military information classed as “Secret” .

The MOD continues to make good progress to ensure the security of personal and sensitive information and we have prioritised the most sensitive systems that need protection. We have already encrypted 20,000 laptops that were not previously protected to the level required by current MOD and Government policy, said a MOD spokesman.

He added: A large proportion of the systems that are not accredited are under development and are therefore not processing live data. We have ensured that those systems that are not yet fully accredited are protected by other means. This is a new system of accreditation, introduced in response to the Hannigan and Burton reports, and will take time for full implementation across the hundreds of MOD systems. (ANI)

Tags: , , , , , , , , , , , , , , , , , , ,

Posted in World |