I was registering the birth of our new baby boy last week and, as you do, noticed a huge problem with the way registration of births are carried out in Scotland. The Scottish system for registration of births, deaths and marriages is different from England and Wales, with registrations being made at the General Register of Scotland and not Somerset House.
Whilst registering my wee boy; I was left alone in an interview room with an unlocked PC. I didn't have my phone on my but I would have taken some photos. The PC was linked and logged into the GROSfer application which, in Scotland, is on the GSX Government Secure Extranet system. The UK Government uses various classifications of network for various types of traffic according to its own data classification. I presume birth data must be protectively marked as restricted and so GROSfer is on the GSX.
I had approximately 3 to 4 minutes of "own time" in the office with the unlocked PC, plenty of time to attack a keylogger to the USB keyboard, whilst the registrar took the payment for the birth certificate. I also had access to GSX which could pose threats. All pretty disturbing - a simple flick of Cntrl-Alt-Del and a little bit of desk & cable management would reduce the threat.
Tuesday 18 August 2009
Subscribe to:
Posts (Atom)
