Editorial: Protecting Data

THERE is no longer any choice. Computers and the high bandwidth Internet link the world together and have indeed recreated the global economy, with the speedy and efficient transmissions of many terabytes of data every day. There is certainly no business with international pretensions, including any here in the Kingdom, that can afford not to link into the worldwide information system.

This said, computers may be able to execute extraordinarily complex tasks at withering speed, but they are essentially dumb machines. They will only ever be as good as the people who program and operate them. And as the extraordinary data protection scandal that broke on Tuesday in the UK shows, if the people who use them are even dumber than the computers, the results can be potentially disastrous. That the names, addresses, tax codes, national insurance numbers, dates of birth and bank account details of no less than 25 million Britons can be lost while being transported by hand between the UK tax authorities and another government department is frankly astonishing. If the two computer disks onto which this information was placed, entirely unencrypted, have fallen into the hands of fraudsters, the results will be catastrophic. The fact that the data were being moved physically, rather than transmitted over a broadband link, does not detract from the serious issue that has been highlighted by this extraordinary blunder by a government department in a supposedly sophisticated and technically advanced country. Every computer, everywhere, whether a personal desktop or a business system holds data that must be protected from unauthorized access. They are prey to fraudsters, industrial or outside government espionage, hackers whose aim is to mangle and destroy data or to terrorist attack.

There are some very tempting terror targets. Much discussion has taken place about Al-Qaeda’s use of a “dirty bomb,” an explosive device surrounded by radioactive material which would be scattered widely when detonated. But nuclear power stations around the world are ready-made bombs just waiting to be exploded. A hacker who could break into such a station’s operating system, could in theory issue a series of instructions that would cause the reactor to go critical, melt down and explode. Governments will of course insist that security at these installations is foolproof. Nevertheless systems, including security systems, remain only as good as the people running them. Who would ever have imagined the British tax authorities would send off the personal details of almost half the UK population with a motorbike messenger?

The two major threats to computers are loss of electric power and unauthorized access by people with malign intent. It is therefore of paramount importance that everyone, but particularly businesses, pay continual attention to the integrity of their IT systems. Computer security is an expense in time as well as money.