Preventing the Exile of VAR ServicesBy Sara Driscoll | Posted 2007-11-26 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Opinion: The U.K. government has suffered its largest data loss and VARs need to ensure their customers don't suffer the same fate.I honestly never thought I would see the day. Technology has played a part in most governments now for years and, as such, is nothing new. But technology almost toppling a government, well, now that is something we haven't seen before.
And yet this isn't going on in a Far Eastern or an Eastern European country, and it has nothing to do with online voting. It is happening in the U.K.a place that is, in some areas, technologically advanced. And it concerns the loss of 25 million people's vital datanames, addresses, bank account details, national insurance numbers (the equivalent of our social security numbers) and names of children.
The data, held at HMRC (HM Revenue and Customs) was burnt onto two CDs and then posted, via an internal mail service, over to a different government department. Except that the two CDs never made it and are at this moment still missing.
All of this because of a technology problem. Had the files been encrypted, while still a huge blunder, the consequences of the data loss would have been far less drastic. The other aspect is the human error involved in all of this. Unfortunately, it seems one poor junior executive within HMRC is taking the brunt of the blame. But it was in fact the lack of security processes and checks that were at fault.
So where does the channel fit into all of this? Certainly this is not an excuse to spread fear, uncertainly and doubt among customers. Rather, this is proof that not only having the right technology supplier who checks even the minute details of your security is vital, but that offering additional services to customers in the form of process management, is as important as selling the technology itself.
Encrypting a file, while now may be part of everyday tech-speak, is not actually something that most people can do. Having a trusted technology supplier that can help with the smallest, yet most vital of details such as this, is fundamental and it adds another string to any VAR's bow of becoming the trusted supplier. More vital and more profitable is the process side of security management. Removing the human error aspect, as far as possible, through designing processes and guidelines, and ensuring they are adhered to without which any kind of security technology is open to mistakes, abuse and oversights. Within a customer, this may not result in the toppling of a government but could result in the ousting of your services.