Monday Aug 01, 2011

Document Theft - IRM as a Last Line of Defense

Document TheftI haven't had much time to update the blog recently, but just time to post before going on holiday. Over recent weeks there have been numerous stories relating to document theft – the Pentagon commentary on systematic theft of thousands of documents from defense contractors, the reports of journalists hacking into not just phones but the email systems of public and private citizens, the smug announcements by “cyber terrorists” that they’ve stolen files from various organisations.

The relevance of IRM is clear. Protect your perimeter, your applications, your file systems and repositories, of course, but protect your sensitive documents too. In the end, there are so many ways to gain digital possession of documents – but only one way to actually make use of them if they are protected by IRM. Anyone stealing a sealed document by whatever means has another substantial line of defense to overcome.

And that line of defense is designed to audit and authenticate access attempts as well as consider a number of other risk factors. It can also be rapidly reconfigured to deny access completely in the event of calamity – a single rule change can prevent all access from compromised user accounts or for whole classifications of information. The audit trail can also provide valuable clues as to the source of the attack.

In a cloudy world, where perimeters are of diminishing relevance, you need to apply controls to the assets themselves. And the scalable, manageable, intuitive way to achieve that control is Oracle IRM.

Monday Mar 14, 2011

Anonymous exposes sensitive bank emails


anonymous As expected for quite a while, emails purporting to reveal alleged naughtiness at a major bank have been released today. A bank spokesman says "We are confident that his extravagant assertions are untrue".

The BBC report concludes...  "Firms are increasingly concerned about the prospect of disgruntled staff taking caches of sensitive e-mails with them when they leave, said Rami Habal, of security firm Proofpoint.

"You can't do anything about people copying the content," he said.

But firms can put measures in place, such as revoking encryption keys, which means stolen e-mails become unreadable, he added."

Actually, there is something you can do to guard against copying. While traditional encryption lets authorised recipients make unprotected copies long before you revoke the keys, Oracle IRM provides encryption AND guards against unprotected copies being made. Recipients can be authorised to save protected copies, and cut-and-paste within the scope of a protected workflow or email thread - but can be prevented from saving unprotected copies or pasting to unprotected files and emails. 

The IRM audit trail would also help track down attempts to open the protected emails and documents by unauthorised individuals within or beyond your perimeter.


Thursday Mar 10, 2011

Hospital fined $1m for Patient Data Breach


hospital-finedAs an illustration of the potential cost of accidental breaches, the US Dept of Health and Human Services recently fined a hospital $1m for losing documents relating to some of its patients. Allegedly, the documents were left on the subway by a hospital employee.

For incidents in the UK, several local government bodies have been fined between £60k and £100k. Evidently, the watchdogs are taking an increasingly firm position.


Thursday Feb 10, 2011

Energy Firms Targetted for Sensitive Documents

Numerous multinational energy companies have been targeted by hackers who have been focusing on financial documents related to oil and gas field exploration, bidding contracts, and drilling rights, as well as proprietary industrial process documents, according to a new McAfee report.

"It ... speaks to quite a sad state of our critical infrastructure security. These were not sophisticated attacks ... yet they were very successful in achieving their goals," said Dmitri Alperovitch, McAfee's vice president for threat research.

Apparently, the attacks can be traced back over several years, creating a sustained security compromise that has provided access to highly sensitive information that is of huge financial value to competitors.

The value of IRM as an additional layer of protection is clear. Whether your infrastructure security is in a sad state or is state of the art, breaches are always a possibility - and in any case, a lot of sensitive information is shared with third parties whose infrastructure security might not be as good as yours. IRM protects the individual information assets directly so that, even if infrastructure security is compromised, your critical information is enrypted and trackable and only accessible to authenticated, authorised, audited users.

The full McAfee report is available here.



Thursday Jan 06, 2011

Renault under threat from industrial espionage, intellectual property the target

Last year we saw news of both General Motors and Ford losing a significant amount of valuable information to competitors overseas. Within weeks of the turn of 2011 we see the European car manufacturer, Renault, also suffering. In a recent news report, French Industry Minister Eric Besson warned the country was facing "economic war" and referenced a serious case of espionage which concerns information pertaining to the development of electric cars.

Renault senior vice president Christian Husson told the AFP news agency that the people concerned were in a "particularly strategic position" in the company. An investigation had uncovered a "body of evidence which shows that the actions of these three colleagues were contrary to the ethics of Renault and knowingly and deliberately placed at risk the company's assets", Mr Husson said.

A source told Reuters on Wednesday the company is worried its flagship electric vehicle program, in which Renault with its partner Nissan is investing 4 billion euros ($5.3 billion), might be threatened. This casts a shadow over the estimated losses of Ford ($50 million) and General Motors ($40 million).

One executive in the corporate intelligence-gathering industry, who spoke on condition of anonymity, said: "It's really difficult to say it's a case of corporate espionage ... It can be carelessness." He cited a hypothetical example of an enthusiastic employee giving away too much information about his job on an online forum.

While information has always been passed and leaked, inadvertently or on purpose, the rise of the Internet and social media means corporate spies or careless employees are now more likely to be found out, he added.

We are seeing more and more examples of where companies like these need to invest in technologies such as Oracle IRM to ensure such important information can be kept under control. It isn't just the recent release of information into the public domain via the Wikileaks website that is of concern, but also the increasing threats of industrial espionage in cases such as these. Information rights management doesn't totally remove the threat, but abilities to control documents no matter where they exist certainly increases the capabilities significantly. Every single time someone opens a sealed document the IRM system audits the activity. This makes identifying a potential source for a leak much easier when you have an absolute record of every person who's had access to the documents.

Oracle IRM can also help with accidental or careless loss. Often people use very sensitive information all the time and forget the importance of handling it correctly. With the ability to protect the information from screen shots and prevent people copy and pasting document information into social networks and other, unsecured documents, Oracle IRM brings a totally new level of information security that would have a significant impact on reducing the risk these organizations face of losing their most valuable information.

Tuesday Sep 07, 2010

Data loss, encryption & security in health care - is your medical data safe?

Over the past few months i've been spending more time with customers in the health care industry. Globally we are seeing an increase in security breaches of patient data, just look at the following examples of data loss in the last month alone...


"Using IRM to encrypt and control access to patient data at the file level means no matter where the file is stored, it is always protected."
These are alarming numbers! As more and more medical and health care organizations are being mandated to move to electronic systems for storing your confidential medical information, these incidents are only going to rise. The modern world is full of new technology designed to make sharing information easier, networks are getting faster, storage devices bigger and threats to your data are increasing at the same rate. A recent study found that attempted attacks on health care organizations increased from an average of 6,500 per health care client per day in the first nine months of 2009 to an average of 13,400 per client per day in the last three months of 2009. As the UK's Liberal Democrat Robert Brown, said: "These are frightening figures. Central government, local councils, NHS boards and the police hold a great deal of information on all of us. Our data is in their hands and we need to know they are taking this responsibility seriously... Liberal Democrats called for an urgent review into data loss in January. I want to know what the government have done since then and why the situation has not improved."

Not improved? I'd like to know why it seems to be getting worse... This increase in activity is taking place in parallel to new laws trying to protect your information. Recent changes to legal acts, such as the Health Insurance Portability and Accountability (HIPAA) act in the US, define that health information must be secured and typically the key word is encryption. As an article on recent HIPAA changes in SC magazine mentions; "In the past, companies offered hard drives that used strong encryption. However, analysis showed that strong encryption was used but only to protect the password and not the data that was stored on the devices. The actual data stored on the hard drive was encrypted with an encryption algorithm developed by the company, which proved to be anything but strong. This illustrates the potential pitfalls of choosing any type of encryption package -- a lack of strong, secure encryption. Obviously, some encryption programs do a better job of protecting data than others, but how can a company choose the right one?" Robert-Brown-Lib-Dem.jpg
"The government is not in control of the situation. They need to get a grip on this right now."
Robert Brown MSP, Spokesperson on Justice

Encryption is a key method to securing information, so much so, that the HIPAA regulations say if your patient information is encrypted, you avoid fines and requirements to publicly notify government of any breach of data. So how do you choose the right way to use encryption? Start by looking at the way data is lost, it falls into a few common areas. Firstly the loss or theft of devices on which the information is stored, DVD's lost in the post, stolen laptops and mislaid USB data devices seem to dominate the news. Then every so often someone accidentally emails patient data to the wrong recipient or posts files online insecurely. Secondly look at the type of format the lost information is stored in;

  • Database exports/backups
  • Unstructured documents such as spreadsheets, PDF's, or emails
So many incidents involve the loss of laptops and storage devices that contain database backups or documents and emails that have either inadequate encryption or none at all.

Are there no decent technologies to address these problems?

Quite the opposite, now more than ever there are many products designed to address these issues by implementing encryption and access controls. Lets look at some of the solutions from Oracle which could significantly improve the security of patient information and massively reduce the risk of health care organizations being fined and publicly embarrassed.



Before I go into any detail, look at the diagram above which highlights patient information typically lives in three places. The database, the application or in a document. To ensure we use encryption and security effectively, we need to put solutions at all three areas. I'm only going to cover specific Oracle encryption technologies in the rest of this article. It is common sense the following should be part of a complete medical data security solution that uses identity & access management solutions, browser to application server network encryption (SSL over HTTPS) and other well known methods of information security.


Encrypting data at rest

Hard disk encryption is often touted as the answer to protecting data at rest. However in practice this addresses only a small area of the problem. When it comes to databases, performance is key. So encrypting the disks on which the medical databases reside can significantly impact system performance. Performance is everything in health care, timely access to patient data can be a matter of life and death. However with the Oracle database, encryption can be used within the database platform itself and here we can really reduce the impact of performance. Transparent Data Encryption (TDE) applied at the table space (the files which store information) has a minimal impact on performance and more importantly does not affect the ability to compress the data. The last thing you want is to start encrypting your database information to find that your previously effective compression is now useless and results in a doubling of the database storage requirements.


But encrypting the data in the database doesn't help when physicians are downloading spreadsheets of patient data from health applications and storing them on USB devices and laptops which are easily lost or stolen. Of course this is where Information Rights Management (IRM) comes into play. Using IRM to encrypt and control access to patient data at the file level means no matter where the file is stored, it is always protected.


Encrypting data in transit

In transit usually means when information is being transferred across a network. Encrypting database backups on DVD's and using IRM to protect files stored on USB keys falls under data at rest requirements. The same set of technologies in the Oracle database that protect information whilst it resides on the disks can also be applied as the database transmits information to the application over the network. Configuring the encryption of information on the network in the Oracle database is easy and requires no change to the application! Protecting patient information couldn't be easier.


Does IRM fit into securing data in transit? Of course, if the file is encrypted with IRM it doesn't matter how it is transferred over the network, it is always encrypted. As an attachment to an email, accidentally hosted on a public website or even stored in the database, IRM protected files are always secured no matter where they live or how they are transferred.


Encrypting data in use

Rarely do we see anyone discuss data in use. What do I mean by "in use"? When you access the health care application and look at a patient record, when you have open a spreadsheet or PDF and are printing it, copy and pasting it into other documents. This is a massive area of data loss and one that very few technologies can address. Mostly we see solutions about protecting information as it moves from the health systems to the users. Ensuring as it resides on storage devices and moves across networks, encryption and access controls provide security. Yet this leaves a gaping hole, how do you ensure people are allowed to use patient data in a secure manner?


Two technologies really help in this regard. Data loss prevention (DLP) technologies are a great way to detect the movement of patient information as it crosses application, network and storage boundaries. I might want to copy my patient records to a USB key or email the information to my home computer. DLP does a great job of detecting this activity, yet it is limited to only blocking and preventing it from taking place. In health care this is a serious problem, stopping people getting access to and using patient information can prevent the physician from delivering care. The last thing you want to stop is a surgeon being able to access critical information when someone's life depends on it.

Again IRM steps in to provide a solution. IRM combined with DLP can both detect and secure the use of patient data. IRM delivers some functionality that significantly improves the ability to protect patient data.

  • IRM documents are never decrypted back to their original form. Unlike document security technologies such as PGP, IRM controls access to the document at all times and the files are never decrypted to disk.
  • The clipboard is under total control, so patient data remains inside the document and cannot be copied into social networks, other documents or applications.
  • Screen shots are prevent with IRM technology, so images of patient data cannot easily be copied or reproduced insecurely.
  • Printing is also controlled, so many incidents of patient data loss have been from physical, paper copies of the information. IRM can prevent documents from being printed and therefore this exposure is prevented.


Wednesday Jan 13, 2010

UK Data Losses to Incur Fines Up to £500,000

The BBC reports that the British Secretary of State for Justice has approved a new rule to empower the Information Commissioner's Office to impose fines up to £500,000 for data breaches.

Fines will be in proportion to the severity of the breach and the resources of the erring organization.

In a press release, Information Commissioner Christopher Graham, said: "Getting data protection right has never been more important than it is today. As citizens, we are increasingly asked to complete transactions online, with the state, banks and other organisations using huge databases to store our personal details. When things go wrong, a security breach can cause real harm and great distress to thousands of people. These penalties are designed to act as a deterrent and to promote compliance with the Data Protection Act. I remain committed to working with voluntary, public and private bodies to help them stick to the rules and comply with the Act. But I will not hesitate to use these tough new sanctions for the most serious cases where organisations disregard the law."

Keep alive public awareness of data loss, support

Public reporting of security issues and incidents are key to addressing security concerns and continuing to advance the methods we all use to protect our most valuable data. Without public scrutiny, we are exposed to lack of awareness which leads to lack of security through lack of knowledge.

Luckily the Open Security Foundation (OSF) do a great job of managing two very important web sites. The Open Source Vunerability Database is managed by the public community and is a great tool for tracking problems in software you may have deployed and making sure vendors are on their toes to fixing issues due to public awareness.

The second website is Data Loss Database which records all publically reported incidents where data is lost either by accident, from a result of a hack, stolen equipment etc. This invaluable database provides awareness so that organisations are able to better understand the ways in which information is at risk and therefore implement technologies to reduce risk of dataloss, such as using information rights managment.

The OSF is currently asking for donations to help these valuable services to continue to run. So open your wallet and drop some money in the direction of the Open Security Foundation... and in doing so contribute to the efforts which keep all of our information secure.

 <script src="" type="text/freezescript"> </script>

Wednesday Jan 06, 2010

Solving the data loss prevention (DLP) puzzle and using IRM for encryption

An interesting strategy guide was published recently from InfoWorld. Titled "Strategies for endpoint security", it addresses concerns and challenges businesses have regarding the protection of endpoints, namely laptops and desktop computers.

One section of the guide which caught my eye was "Five technologies that will help solve the DLP puzzle." The article discusses the following areas where "before embarking on a data loss prevention program, enterprises must first determine the essential technical ingredients.".

The first subject tackled is that of classifying information in the first place. DLPs most valuable functionality is the ability to monitor many points in the enterprise and detect the storage or movement of documents, emails and websites that contain sensitive or classified data. However one problem with DLP is how do you configure it to reflect a well designed and understood information classification policy? William Pfeifer states that "You cannot protect everything, Therefore methodology, technology, policy and training is involved in this stage to isolate the asset (or assets) that one is protecting and then making that asset the focus of the protection." Nick Selby, former research director for enterprise security at The 451 Group and CEO/co-founder of Cambridge Infosec Associates, then goes onto say the key is to develop a data classification system that has a fighting chance of working. To that end, lumping data into too few or too many buckets is a recipe for failure. "The magic number tends to be three or four buckets--public, internal use only, classified, and so on," he says.

So the recommendation is that DLP should be configured with a simple and easy to understand set of classifications. Keeping things simple in the complex world of security dramatically reduces chance of human error and increases usability. Oracle IRM is a technology that has had this message designed within its core from day one, it has a very powerful and yet simple to configure and deploy classification system. This is what makes the union of IRM and DLP such a compelling story when it comes to a comprehensive data loss prevention solution that can actually be deployed and used at an enterprise scale.

The second subject approached in the article is encryption. It's worth repeating the full statement here...

"This is a tricky one [encryption], as some security pros will tell you encryption does not equal DLP. And that's true to a point. As former Gartner analyst and Securosis founder Rich Mogull puts it, encryption is often sold as a DLP product, but it doesn't do the entire job by itself. Those polled don't disagree with that statement. But they do believe encryption is a necessary part of DLP. "The only thing [encryption doesn't cover] is taking screen shots and printing them out or smuggling them out on a thumb drive. Not sure I have a solution to that one."

No worries Rich, Oracle and Symantec have exactly the solution you are looking for. DLP detects that a document or email contains sensitive information and IRM encrypts and secures it. IRM not only encrypts the content, but it can limit the ability to take screenshots, stop printing, manage who can edit the content, who can see formulae in Excel spreadsheets, even allow for users to search across hard disks and content systems for information inside encrypted documents to which they have legitimate access...

The article continues, "Stiennon says that while all encryption vendors are not DLP vendors, applying encryption is a critical component to DLP. "It could be as simple as enforcing a policy," he says. "When you see spreadsheets as attachments, encrypt them."

Or more specifically, when you see any sensitive document or email, seal them with Oracle IRM! For more information on how IRM and DLP technologies can work together, have a read of this.

Wednesday Nov 04, 2009

Oracle IRM and the evolution of "information-centric" security

Whilst responding to an RFI I needed to describe how information rights management was positioned against many other types of technologies that use encryption to protect documents and emails. I thought it would make sense to write up the response on the blog. The diagram below really highlights how information rights management is at the leading edge of using cryptographic technologies to protect your confidential information.

Oracle IRM Evolution of information-centric security

Information security is a crowded and confusing marketplace. Many security solutions are really infrastructure security, because they secure IT infrastructure and users from information (for example anti-virus, anti-spam, intrusion detection). Some information security solutions only attempt to secure information from external attack (for example firewalls).

This diagram above illustrates the evolution of "information-centric" solutions that, by securing information directly, attempt to secure information from accidental or deliberate leakage by internal and external users. This diagram is not entirely even-handed in that it does not show the benefits of earlier solutions, just their critical shortcomings - but the idea is to show how IRM for the first time sufficiently solves these limitations to be the first truly enterprise-viable "information centric" solution.

Information-centric security started with products like PGP, which used public key infrastructure (PKI) encryption to encrypt information, and provided document and email encryption products. Products like PGP have two killer shortcomings. Firstly they ask busy non-technical business people to understand and personally manage the principles of PKI cryptography - pass phrases, public keys, private keys, digital signing, encryption, decryption, public key rings, certificates, etc. And then, after jumping through all these PKI hoops, the PGP-like technologies still just pass the decrypted information off into the clear (decrypted) to the document and email applications, from which they can easily and untraceably be redistributed - there is no post-delivery protection or tracking. Invasive to user workflows and with dubious benefits (most leaks are made, accidentally or deliberately, by end users - not by eavesdropping on networks) these solutions have over a long period gained minimal traction. Many people have briefly played with PGP, or something like it, but it is rare to meet someone who still does.

"In-delivery" secure email products built on the encryption capabilities of PGP-like products, in an email context. As organizations began to see email as their leading vector for information leakage (deliberate or accidental - how often have you sent a confidential email to the wrong user?) they sought solutions for securing email. Almost all of these solutions operate by intercepting outbound emails, and for those marked or scanned as being confidential, they place them on an SSL-protected web site and send on a replacement email with a link back to the original email on the SSL-protected web site. When the users follow the link to collect the email they are typically required to authenticate and the original email is then obtained over a secure SSL connection. So the shortcomings of these solutions are clear - again they provide no post-delivery security (authorized users can still save out in the clear and forward), they only defend against eavesdropping (which is a much less common threat than redistribution) and is ultimately an email-only point solution. While email remains the leading means of sharing information, there is also a huge amount of sharing via file shares, web, USB devices, etc.

The next major evolution of "information centric" security, which is currently generating significant interest, is gateway- or desktop-based filtering/monitoring. These technologies install software agents into gateways (such as email servers or web servers) or desktops that monitor outbound information flows, and scan the outbound emails, attachments and web pages for confidential information (such as social security numbers). It remains to be seen how effective these solutions are in practice, because they tend to be primarily passive (they are often detuned to prevent them blocking outbound information flows as a result of false positives) and act more as a deterrent; because they must monitor a bewildering number of perimeters in a modern network to be effective; and must sift through a staggering amount of legitimate traffic looking for a hopefully small amount of illegitimate traffic. But the fundamental shortcoming of these filtering/monitoring solutions is that they are effectively enterprise spyware: spying on internal information flows. Unfortunately most sensitive business processes involve sharing confidential information with external parties, and they are never going to allow your organization to spy on their networks to protect your information. So it would seem absurdly incomplete to spy on your own employees and then send the same confidential information unprotected and untracked into the networks of your partners, customers and suppliers.

Nevertheless there are considerable synergies between monitoring/filtering technologies and IRM - to help automate the sealing/classification of information. This is seen in the recent integrations between both DLP vendors and IRM vendors.

Oracle Information Rights Management (IRM) is very much an evolution from all these earlier technologies. It uses the PKI encryption from PGP-style products, but hides all the complexity from end users. It uses the close integration with leading email clients of secure email. It shares the same desktop agent and policy server profile of desktop filtering, but is only active in the context of sealed/classified information. But unlike preceding solutions Oracle IRM provides pro-active, post-delivery protection and tracking; works just as well outside the firewall as inside; has a classification-based rights model that completely hides all the complexity of encryption and makes policy management straightforward; and secures documents, emails and web pages regardless of how they are shared - so Oracle IRM it is a significantly more complete solution.

Monday Nov 02, 2009

Peer-to-peer network exposes document detailing US Congress ethics probes

Over the weekend a document containing confidential information from one of the most secretive panels in Congress was floating about on an peer-to-peer network. Apparently a junior member of staff went home to work on the memo and stored the document on a computer that also ran peer-to-peer networking software. The inevitable happened and the document was whisked away to the file sharing network to be available to thousands of other computers.The 22 page report contains details of sensitive ethics probes involving more than 30 lawmakers and aides compiled by the ethics committee in the House of Congress.

The ethics committee is one of the most secretive panels in Congress, and its members and staff members sign oaths not to disclose any activities related to its past or present investigations. The 22-page "Committee on Standards Weekly Summary Report" gives brief summaries of ethics panel investigations of the conduct of 19 lawmakers and a few staff members. It also outlines the work of the new Office of Congressional Ethics, a quasi-independent body that initiates investigations and provides recommendations to the ethics committee. The document indicated that the office was reviewing the activities of 14 other lawmakers. Some were under review by both ethics bodies.

The leaked document, which was reported to the Washington Post, caused Democrat Zoe Lofgren, chairwoman of the House Ethics Committee, to interrupt House voting. She announced that the Washington Post had obtained a confidential ethics report and the newspaper had been contacting lawmakers named in the document. She described the release of the sensitive document, as a form of hacking.

This incident highlights the dangers of not correctly protecting your most confidential information. Unfortunately the blame is usually pointed at the person who didn't follow instructions on how to handle such data. In this incident the member of staff was fired and the committee "is taking all appropriate steps to deal with this issue,". According to house administration rules, they require that if a lawmaker or staff member takes work home, "all users of House sensitive information must protect the confidentiality of sensitive information" from unauthorized disclosure. I wonder what technologies are actually implemented to aid lawmakers and staff with actually protecting this information.
"I regret to report that there was a cyberhacking incident of a confidential document of the committee,"

Zoe Lofgren, (D CA)

Information Rights Management could have easily helped avoid this situation. The memo could have been encrypted and secured allowing the employee to work on the document where ever they wished. Then if the document had been transmitted across a peer-to-peer network, it would've been useless to anyone else because IRM ensures only authorized users can gain access to sealed content. This would've saved Congress the embarrassment and also saved the member of staff their job.

Wednesday Jul 15, 2009

Twittergate? Twitter employee hacked and loses hundreds of documents


News broke this month about the hacking of Twitter CEO Evan Williams's email account. His wife and two other Twitter employees also had email accounts hacked. As a result the hacker, French in origin, was able to access numerous documents containing information about a reality TV show involving Twitter, financial forecast documents (although they claim no longer current), wage information, credit card details and many others. He then offered these documents to different sources one of which was TechCrunch, a well respected Silicon Valley site. They made the brave choice to publish these documents and have caused widespread debate with many calling the incident Twittergate.

This obviously raises the issue of the documents security. The Wall Street Journal comments that, "Bloggers and tech experts are debating not only the ethics of airing the files, but also how the hacker got the information. Was it Google's password-recovery system? "That would mean this isn't a 'cloud' privacy issue," wrote GigaOm's Om Malik. "Rather it would be an issue of companies using poor authentication and password protocols to secure their data."

In Mr. Williams blog post about the issue he wrote that "It was a good lesson for us that we are being targeted because we work for Twitter. We have taken extra steps to increase our security, but we know we can never be entirely comfortable with what we share via email."

This incident raises the issue about storing sensitive information in the cloud. A few months ago Google accidentally exposed access to their online document services. Although this recent incident was in no way a result of problems with Google security, it does highlight that putting your important documents in the hands of others and using poor security to protect your own information systems is asking for trouble.

The BBC News website commented that "Many in the technology industry said this latest episode points to the potent reminder of how much information is stored in the cloud and the vulnerability or otherwise of that data.".

With people storing sensitive documents out in the cloud networks, it is even more important that any security affects the document itself, not the place of storage. It isn't good enough to rely on the security implemented by others such as Google, mistakes happen and leaks occur. Oracle IRM can provide this persistent security by securing the document and so no matter where you store it nor where it is stolen from, your ability to control access to the information remains where ever that document resides! Hmm I think i'll just go and tweet this...

Monday Mar 30, 2009

MP expenses data up for sale

The latest high-profile data exposure story comes from the mother of all parliaments as part of an ongoing furore about inappropriate expense claims by Members of Parliament.

According to the BBC, details of expenses claims of all 650 or so MPs from all parties are available for a sum of around £300000. There is an expectation that some of the more embarrassing claims will find their way into the papers over the coming weeks - although it is hard to imagine anything more embarrassing than the weekend's revelations about the Home Secretary's claims.

The breach has privacy implications. Parliament itself plans to publish the information some time this Summer as part of a drive towards more openness. However, it cannot do so until about a million receipts have been reviewed for data privacy purposes, and the incident might also represent a breach of the Official Secrets Act. Whoever is trying to sell the data evidently has no qualms about the privacy implications. Electronic copies of the receipts are being offered in redacted and unredacted form.

This story illustrates how seemingly trivial information can have extraordinary value and significant privacy implications. We have customers who seal payslips and other HR information, but it has never occurred to me that expense receipts represent a significant risk.


Oracle IRM protects and tracks your sensitive information no matter where it goes. It combines business friendly encryption with role based usage rights and auditing.

11g quick guide


« June 2016