Arsene Wenger is an honourable
man of obvious integrity. As manager of Arsenal Football Club he has suffered
from occasional bouts of short-sightedness but he is generally respected for
his achievements over the last 18 years or so. But right now he is being abused
by a portion of society for which there is as yet no printable descriptor.
Why?
Because Arsenal are 6th
in the Premier League and in the last 16 of the Champions League. Not a great
season so far admittedly but no reason to panic. But panicking is what we do
best in this day and age. We can panic in 140 characters or less in a matter of
seconds. We can abuse. We can call on the support of heavyweight thinkers like
Piers Morgan.
There is something about our society
today that looks to apportion instant blame, without assessing the facts,
without waiting for the dust to settle. The ability to comment instantly, and
be vile and abusive without much fear of retaliation brings out the very worst
in human nature.
In my view, the media fan these
flames to an intolerable degree. Almost every news program seems to include
Twitter comments from ordinary people. Something is trending usually before the
BBC knows what is going on and we fly off on many strange tangents until the
truth emerges from the mist. Can you imagine if Twitter had been around the day
Diana died? #thedukedidit
Data scares get the same sort of
treatment, maybe without the tribal fury of football, but any company caught
out losing or abusing data gets a proper public hanging (you were wondering how
I would get this back on topic weren’t you?). RBS were the latest example.
Their IT system crashed denying their customers access to their money and the
regulators fined them some £60m for having the temerity to make a mistake.
The comments on Social Media were
as bad as Wenger. The faceless board of RBS, mostly owned by the taxpayers of
this country at present, were pilloried and heads were supposed to roll. And
then something else happened, or Arsenal won 6-0, and people moved on.
Which is nonsense. The whole
furore missed the point as far as I was concerned, which in this particular
example was in a boring little interview I heard on Radio 4. One of the experts
consulted suggested that our banks are still using antiquated systems because
there were serious security doubts about investing in newer stuff, and that the
RBS problems were caused by the simple fact that no one knew how to fix the
problem when it arose. The people who designed this kit have moved on, or
retired, and the system is allegedly held together by sticking plaster.
I cannot vouch for this particular
version of events but surely it merited further investigation, and those of a
certain vintage with a cynical nature will admit that it has the stench of
truth. But no, the media do not do much serious investigation anymore. The
public attention span does not allow for it and the world had moved on. Twitter
was alive with pictures of cute kittens.
Except I can’t, I am afraid. Move
on, that is. I make my living out of data security and data protection needs to
be on the agenda all the time. There are rules for this sort of stuff, but big
business tends to comply in an offhand sort of fashion, paying lip service, doing
its best to keep out of trouble but not taking the intention of the rules
seriously.
If prevention really is better
than cure the ICO and the banking regulators should be ensuring that the banks
invest properly in a safe and secure infrastructure, not just sitting back and
fining them when it all goes wrong. Ideally this sort of joined up thinking
should be applied to all levels of data security and we could address some of
the anomalies.
Like what, I hear you cry? Well,
I will give you just one for today. Any business controlled by the Financial
Conduct Authority has extra responsibilities beyond those on ordinary
businesses. There is for instance a strong suggestion in their published fact
sheet that hard drives should be wiped using specialist software before
disposal, before the redundant equipment actually leaves the office.
Does this happen?
Well, I can only tell you this.
EReco are one of only a few ITAD specialists who will send one of our teams to
your office to run our software in your own secure environment. This is exactly
the sort of software the FCA are talking about, and whilst it is not rocket
science you need some training and not everyone can buy the software in the
first place. Bearing in mind the FCA advice, you would think that our lads are
out all the time, wouldn’t you?
Not so. Many of our financial
customers are extremely secure, and we help them to remain so, but we have only rarely been engaged to data wipe on site. Read the FCA data fact sheet for
yourself and see how many of these suggestions are being followed by companies
you visit? FCA
Factsheet
I am not saying these companies
are taking any risks. If someone is using eReco, or indeed another reputable
ITAD supplier, we take data security really very seriously indeed, right from
the point of collection. It may be that the guidelines are too strict? It may
be that the mobile shredders take up a lot of this business, which would be a
shame as that is not the best solution environmentally. But the fact is that
the rules are not being followed to the letter, even if many if not most are
doing their best to follow the spirit.
In part, I think this is our
fault. Not just eReco, but the entire industry. We are not strong enough at highlighting
best practise. We have not effectively marketed our wares to SME’s, including
selling the need for sustainability as well as data security, but also the
regulators have failed to educate their members. I would like to see much
clearer, unambiguous direction from the FCA, the ICO and other interested
parties.
This is something we are trying
to address, not least through this humble blog.
No comments:
Post a Comment