theft
Bank Of Ireland’s lost laptop ‘addendum’.
This story just gets worse - now BOI admit they have lost over 31k records. BOI need to answer a few more hard questions openly and honestly in order to stop me from closing my last remaining account with them:
- Is/was it routine for bank employees to bring laptops containing unencrypted data off bank property? Can you guarantee me that your employees never copied data off your laptops onto another machine at home or emailed it via SMTP servers in unencrypted email messages? I don’t really care what official bank policy (meaningless) is, I just want to know if your employees technically could do this.
- If the above is routine, how do they know that only 31k records were lost? After all, you don’t actually have the laptops so how would you know what is on them? Right now trust is gone out the window and you don’t have to give so much information that you would potentially compromise the security of live systems. Technical details on the auditing capabilities of your laptop/mainframe data synchronization tools would be great - just to give me that warm fuzzy feeling.
- If the above is routine, how many of your employees recently sold, dumped or gave away PCs that they might, at one stage, have been editing bank data on while working at home?
- When was the last group hardware audit completed and are any other laptops unaccounted for? Not necessary stolen, just not where they are supposed to be
Lastly, and this question stands, even if I do close that last account. According to the above referenced news story
In the unlikely event of a fraud arising as a direct result of the theft of these laptops, the customer will be fully compensated.
(also stated here though I can’t find an official statement)
What will BOI do if my credit history is destroyed by someone who steals my identity via the data you so kindly made available to them? What if that person is never caught and therefore I can never prove that their data source was the hard drives in those laptops? What was that? Did you say ‘nothing’ or was that ‘prove it’? I thought so.
Data is such a genie in a bottle isn’t it.
What I'm Doing...
- @paulca if the service and your id provider both support the OpenID Simple Registration Extension then it should work - http://url.ie/r4y 3 days ago
- @paulca I've been to the recent meetups, good couchdb talk btw, will be at the next one too. Not yet taken getexceptional for a real spin... 3 days ago
- @topgold Try Nassau St (3rd or 4th bus stop down) or outside Budget Travel on O'Connell St, routes 46*, 10*, 145)... 3 days ago
- @desdublin Des, save yourself! I'll go for some pints+nosh with you! Or else promise to drive wherever you were jogging to! 4 days ago
- Great NYT piece on how the US financial crisis evolved in the past two weeks - http://www.nytimes.com/2008/10/02/business/02crisis.html 4 days ago
- More updates...
Posting tweet...
Blogroll
LinkRoll
Category Cloud
amazon api app apple atom atompub australia banks beacon berlin blogging blosxom capeclear content copyright data dev drm dublin eclipse economy facebook firefox food football fowa future games google hardware identity internet ireland irish java junk linux mac media microsoft mobile movies music n800 net oauth openid opensocial opml osgi oss patents politics polls process rails railsconf rest rss ruby search soa social software spam sport tech travel trip tv uk us vodafone wayoutthere web2.0 web services why xml yahoo youtube
Recent Posts
Recent Comments
Archives
Photos
|
