So, Hays recruitment "distributed an email disclosing the remuneration of thousands of contractors working for the state-backed Royal Bank of Scotland". Details are unclear, but a few questions from an Information Security perspective.- Why is this type of information lying around in an attachment?
- Was the email attachment encrypted?
- Why is there not some sort of Data Leakage Prevention (DLP) in place? A "Little Britain" type computer program which looks at the email recipients (800) plus attachment (3000 names) and replies "Computer says: Are you Sure?"
- etc.
Maybe our old friend the Data Flow Diagram (DFD) could have helped....here we go again.
Useful Links:
- Sky News: Exclusive: Hays Discloses RBS Pay Deals
- The Register: Agency sends contractors' day rates to 800 RBS staff
- YouTube: Little Britain - Carol says No - Computer says No
- Data Flow Diagram
Social: del.icio.us DiggIt! Reddit Stumble Google Bookmarks Technorati Slashdot
No comments:
Post a Comment