Well it certainly is interesting working for a business that deals with ‘sensitive personal’ data. Our governance department seem to think it their job to stop us actually releasing any of the work we do. First they lock out all the USB ports on our computers so we can’t copy anything to them and now they refuse to let us use our ‘secure’ data sharing system because it is not secure enough.
Apparently they are concerned by people out there with super computers with nothing better to do with their time breaking a 128 encryption; if it’s not 256 then it’s not good enough. Personally if I had a machine capable of brute forcing a 128 encryption I would be using it for more interesting things than getting access to hospital attendance records. While I am sure that there would be some juicy secrets to tell I am not convinced it would be worth the time or money.
What I find particularly frustrating is they continually tell us what we can’t do without any suggestion of how to do what we need to. I appreciate that they have a job to do, but at what point to common sense enter the fray?
Though I suppose, to be fair, the intended recipient for our data couldn’t read it anyway, seeing as how we have to zip it in WinZip 9, as directed by their information governance, but as an organisation they use WinZip 8 so they can’t open the files anyway
Subsequently we are an information processing organisation that cannot release information to a customer who couldn’t read it anyway. Makes you wonder why you get up in the morning.
No comments:
Post a Comment