Tuesday, July 16, 2002
Back on the 2nd June 2002, when the IR's Self Assessment service was taken off line for a security issue, I wondered how (if the IR can get it wrong) we would expect smaller agencies and departments to get it right. Major companies still get it wrong but I guess it's not front page news anymore when someone gives away billing details, account details or whatever. There needs to be a concerted effort on these issues to lock down environments to that there are no exposures. I can't believe that the public at large are laissez-faire about this - do we really "expect" it now and factor it into our plans? Maybe we don't expect to do much of our business online, at least none that could compromise us, so it's ok for their to be issues like this. I doubt it. Anyway, it was an article in The Register about a security issue at O2 that got me on this point.
Posted by Alan at Tuesday, July 16, 2002