|
 |
David Miliband has told GPSJ that he ‘feels sick’ about what the government has done to the ‘Building for Schools’ program and said he feels it is ‘absolute vandalism’ in an interview with editor Stuart Littleford. Speaking at a party meeting in Manchester Mr Milliband also said that ‘New Labour’ wasn’t new any more and labour politics needed re-inventing and what mattered was the substance. The full interview is here.
A pet goat has had its horns ripped from its head and left in agony with broken and dislocated legs in what is being described as a barbaric and sickening attack. The goat known as ‘Sid’ was attacked late on Thursday night and found in his field early on Friday morning in agony. The attack happened at the Tennyson Lane Horse and Pony sanctuary in Middleton , Near Manchester. Owners of the sanctuary Debbie Bailey and John Starkey said they are both in shock and can’t understand why anyone could do such a thing to a defenceless animal. Talking to GPSJ today, Debbie said, ” We found Sid early on Friday morning covered in blood with both his horns ripped out and his back leg broken and bent backwards and his other leg pulled out of the socket, he was in agony. The only thing we could do was to have him put down, no amount of money could have saved him. Stuart Littleford Interviews the owners below: The girl from the RSPCA was in tears and said she had never seen anything like this and today she said she had lost sleep over what she had seen. We have had him for over ten years and he is really friendly all the local children love to come and see the ponies and animals here, we get no funding, we are not a charity we do this all by ourselves for the animals.” “Police spent hours at the scene and have taken DNA samples, they have been really good and are determined along with the RSPCA to catch the person who has done this, if they can do this to a poor defenceless animal what could they do to a child or anyone else,” said John. The owners have said that they will try and make the site more secure but they have no funding to do this at the moment anyone who can help with fencing or supplies can contact GPSJ. GPSJ understand’s that police are following up some positive lines of enquiry and anyone with information should contact Greater Manchester Police. Anyone with information can call the RSPCA in confidence on 0300 1234 999 and leave a message for Ms Hall.
You’re out in the street and someone takes your photo without asking. What can you do? And do you have any control over what they do with that image? The broad guidelines that apply to the media are: 1. SAFE: Politely taking photos of adults in the street (or any PUBLIC place) without their consent. Setting the rules 1. Check photographers’ ID. They should carry a press card showing who they work for. If they are freelances, establish who has commissioned them. 2. Make sure your employees know that reporters and photographers cannot: Take photographs on your property without consent. 3. There are laws to prevent: Camping outside people’s homes. You should take legal advice before using legal redress. It is quicker and cheaper to use the Codes of Practice if there is a problem. Cleland Thom This extract is taken from the PR Media Law Guide, price £19.95. To order a copy, contact contact: cleland@ctjt.biz Cleland Thom does media law training and consultancy to a number of corporation and public authorities, including GPSJ, United Utilities, World Trade Group, Herts County Council, London Borough of Brent and Three Rivers District Council.
What do you get when the worlds leading analysis and data software provider merges with a leading open source intelligence research institute? Hopefully an even more successful business providing data faster and more accurately to its service users. At least that is the outcome i2 CEO Robert Griffin is hoping for as he heralded the group’s newly formed partnership with risk intelligence specialists World Check at its Brussels client conference in June. In his address to the conference delegates that included representatives from the worlds enforcement and security agencies Chapman promised: -There are exciting times ahead with new product lines in the next 12 months to help you do what you do best. Between them the two groups will hope to synergise their respective expertise in the field of data mining and intelligence analysis tools. Improving and expanding research capabilities and intelligence provision between them for their users. This will further enhance the provision of critical information to agencies confronting illegal activities of terrorists and criminals. The two groups also provide services to commercial users to protect them from fraud and from entering into business with the wrong sort of partner. Individuals or organisations that have proven or suspected links with anything from money laundering to corrupt practices. In a world that is becoming increasingly globalised in terms of transnational jurisdiction it is essential that business organisations seeking partners abroad do their due diligence. Preliminary and precautionary checks avoid the risk of prosecution, sanctions or damage to their reputations. I2 has some devilishly clever software systems such as the Analyst’s Notebook and COP-Link that give agency operatives of 2,500 organisations real time access to data bases in over 149 countries access to both open source data and in certain cases secure data banks from across the world. These organisational users typically include police, frontier control, and customs, military and commercial bodies. Despite the avowed declaration that the intention of the colossal data mining activity is a force for good, one cannot help being a little unnerved by the power and scope of non governmental organisations to access, monitor and display such extensive amounts of data. Julian Midwinter i2’s Vice President of Sales reassures us saying: – Unless we are asked to host the data we just provide the systems for the data to sit in. The organisation then accesses it and uses the data as they want. We do not have ownership of the data except in a few circumstances. The data banks are mostly the responsibility of the organisations holding them and their decision to share information with other organisations is theirs we just provide the systems to enable that process. The systems will inevitably trawl through masses of chaff about harmless law abiding citizens before identifying the wheat of intelligence and usable information about the bad guys. Anybody who still subscribes meaning to the word liberal in the term Liberal Democracy is bound to be unnerved to know that the increasingly ubiquitous social networking sites such as Face book are an area of extensive research to organisations like i2. Social networking analysis is a vast area of expansion for Open Source Intelligence and the endless trivia that we commit to such sites provide a rich seam of information to Snoopers both benign and malign. The dilemma of balancing the need to provide extensive information including personal details of relationships, financial and phone records is not lost on i2’s mangers and executives however. The awareness of i2 executives to their responsibilities and their declared adherence to the rights and privacy protection afforded to citizens by the jurisdiction of their respective individual states goes someway to allaying ones fears. Julian Midwinter added: -There are strict rules about data retention and we have to adhere to the legal requirements within the end users jurisdiction. Compliance with various states laws and policies regarding criminal history and intelligence data remains a challenge. We ensure that all our clients’ sign up to detailed and succinct management agreements that comply with the legal requirements of that state. There are also auditing systems in place on both sides to ensure against any misuse of data. In extremis note the countless wedding parties blown to smithereens in Afghanistan by drone launched missiles after being wrongly identified as Al Queada or Taleban fighters. In Yemen recently a pro government anti Al Queada tribal leader Jabir Ali al-Shabwani, was mistaken for the Al Queada in the Arabian Peninsulas (AQAP) The political setback from such a blunder may yet prove decisive in the fight to deny AQAP the use of Yemen as safe haven. Notwithstanding the limitations and over reliance of technology based intelligence application i2 provide powerful tools in the fight against terror, crime and corruption though we must never lose sight of the fact that such tools are only as good as the human resources operating them. It is imperative that the data inputted has credible integrity and above all is correct and furthermore that data is utilized intelligently and with prejudice to its context. Terrorists can and will at some time try to duck under the technological radar replacing their incontinent babble on mobile phones, jihadist websites with individuals bearing personal messages to co conspirators. Cash couriers will transport cash instead of using Western Union money transfers to purchase weapons and provide logistical support. Therefore our reliance on such technology platforms must never be total and it is not of itself infallible to the exclusion of human instinct. Encouragingly this is also not lost on i2 who retain and rely on ongoing links with academic research institutions and expert individuals like John Hopkins University Fellow Dr Kathleen Kiernan. They work in close consultation with experts such as Dr Kiernan (formerly a security director of the ATF) who are at the cutting edge of applying their knowledge and ongoing research into evolving terrorist trends and tactics. Input from such sources helps i2 to craft their information and intelligence tools meet the demands of the field agents and analysts. More prosaically software programmes and analysis tools provided by i2 Group also play a huge role in the billions of day to day checks on passport verification, suspect identification and elimination as well contributing to the investigation of terror and criminal networks and their activities. The holistic approach practised by i2 combining Human Intelligence with technology means that on the whole most citizens will be glad that we have it in our arsenal than not. As Dr Kiernan speaking to the conference describes the evolving threat from radicalised individuals from a range of backgrounds embarking on terrorist operations. She emphasised the need to recruit analysts who were capable of thinking inside and outside the box to defeat them saying: We also need to recruit the services of the hacker, the cracker, even the criminal to stay ahead of the terrorists and the cartels. At John Hopkins we have an intelligence Masters and we strive to recruit the best and the brightest but it’s a limited commodity so you will have agencies fighting over who is the best. She praised i2 products application of Human Intelligence to Technological Data Analysis saying: They have the ability to streamline their intelligence to the street analysts needs.
Police in Leigh are investigating after two flagpoles were stolen from the cenotaph in Leigh, Greater Manchester. Between midnight on Friday 6 August 2010 and 6.30am on Tuesday 10 August 2010, the flagpoles were stolen from the war memorial on Church Street. Officers in Leigh have carried out inquiries and are now appealing to anyone who may be able to help to come forward. Police Constable Barry Willans said: “It is hard to understand exactly why someone would want to steal these flagpoles, but the offenders need to understand that their actions have caused a tremendous amount of distress. “We have been in regular contact with the British Legion who are understandably keen for justice to be carried out. “We are appealing to anyone who was in Leigh on this particular weekend who may have seen anything that may assist this investigation to call us.” Anyone with any information is asked to call police on 0161 872 5050 or call the independent charity Crimestoppers anonymously on 0800 555 111.
Dr. Maria Eugenia Cabrejos, laboratory manager of AquaInnova, a Chilean company based in Puerto Montt, recently spent three days in the Veterinary Sciences Division of the Agri-Food and Biosciences Institute (AFBI) training in a range of diagnostic techniques for fish diseases. The visit arose from an invited presentation by AFBI’s Dr. David Graham at a fish health conference in 2008 held in Puerto Montt, which is home to a large aquaculture industry. Since then, AFBI has been involved with a number of laboratories in Chile and with Sernepesca, the Chilean Fish Health Authority, in monitoring and improving the quality of aspects of their laboratory testing. Dr Cabrejos’s visit also provided an opportunity to discuss areas of mutual scientific interest which, it is hoped will lead to further collaborative work between AFBI and Aqualnnova.
Overtis , vendor of VigilancePro, user activity management software, has announced a new Protective Marking feature to identify files that hold confidential information. The new feature has been developed in response to requests from UK police forces, to help them to comply with Management of Police Information Guidance published by the National Policing Improvement Agency (NPIA) on behalf of the Association of Chief Police Officers (ACPO). Several instances of deliberate or accidental loss of protectively marked police files have been reported to the Information Commissioner in the past twelve months: In June 2010, a senior police officer was convicted of accessing databases at Greater Manchester Police and the Police National Computer and passing confidential details to two businessmen. In April 2010 an employee of Gwent Police accidentally emailed an unencrypted document to a journalist after the auto-complete feature included him among the recipients. The spreadsheet contained confidential records on 10,000 people who had undergone a Criminal Records Bureau check, revealing the names and dates of birth of 863 people who had been in trouble with the police. In September 2009, a Metropolitan Police officer admitted accessing the Police National Computer to obtain information on his former girlfriend’s new partner. In August 2009 a civilian employee of Essex Police admitted that he sold mobile phone records after accessing police intelligence databases 800 times. Protective Marking is the UK system of classifying documents according to the Government Protective Marking Scheme (GPMS) identifying the level of harm or impact that would be caused if they were disclosed to other states or external parties. The system is used throughout central and local government and the Critical National Infrastructure, to ensure that sensitive information is safely handled, stored and transmitted. Overtis VigilancePro allows Police Officers and Staff to classify files, including documents and spreadsheets, as well as emails, according to the GPMS five levels, which are -Protect, Restricted, Confidential, Secret and Top Secret. Documents that contain information in the public domain are labelled -Not Protectively Marked. VigilancePro can also be customised easily to include any Force specific descriptors. Additionally, the software allows whitelists to be created for different email classification levels, ensuring that emails marked as -Confidential- cannot be sent outside of the pnn.police.uk domain, for example. Overtis VigilancePro writes the appropriate classification into the metadata of the file. This can then be picked up by other security systems, such as email gateways, to enforce encryption of attachments, in line with policy. VigilancePro provides a full audit trail of classification events, with reporting that can underpin the processes for Review, Retention and Disposal of Police Information under MoPI guidelines. Commenting on the inclusion of protective marking within VigilancePro, Ed Macnair, CEO of Overtis said, -Police forces have to collect a lot of information on citizens as part of their normal enquiries. This data must be safely handled to protect the privacy of individuals. Protective marking within VigilancePro helps to ensure good data governance throughout the force, while still allowing officers to access and share information, to enable them to carry out their duties.
The Royal Marsden is a National Health Service (NHS) Foundation Trust in England that specialises in cancer. Situated primarily over two main sites, one in Chelsea and one in Sutton, it also has a number of satellite locations, an area of the business that is being developed. Today, it has a staff of approximately 2,500 all of whom, in one form or another, are responsible for protecting the data they access. The Royal Marsden is committed to promoting excellence in cancer research, treatment and education. Alongside its academic partner, the Institute of Cancer Research, it is considered one of the leaders, and at the forefront of many major cancer breakthroughs. The NHS Trust is involved in tackling and taking data breaches very seriously. At the helm is Jon Reed, IT Director for The Royal Marsden, who is responsible for its entire IT infrastructure and the development of all in house clinical applications. The Story So Far… According to Reed, -The Trust takes the handling of information very seriously, which is what you would expect of an organisation of our standing, and my defence strategy to protect data in transit began many years ago, back in 2006, long before publicised breaches by public bodies. Following the high-profile cases, a central policy was introduced by, David Nicholson CBE, NHS Chief Executive stating that every organisation within the NHS must fully implement the policy that all removable data must be encrypted, and also follow the recommendations of the report of the Cabinet Office Data Handling Review, which contains mandatory security standards for the public sector. As The Royal Marsden had already begun researching various solutions it was ahead of the game. The Royal Marsden encourages its staff to not carry data unless it is absolutely necessary. It recognises that on occasion, patient identifiable records, staff information and commercially sensitive information such as research projects and data, amongst other documents, will be transported and shared and this must be done in a secure manner. And the Solution of Choice Is… The Royal Marsden quickly honed in on about six offerings, and it looked to see what other NHS Trusts were doing. One of The Royal Marsden’s key concerns had been that organisations would lock down their infrastructure and would only allow certain models of USB devices to be used. This Jon’s thinking, too – the Trust didn’t want to run into a compatibility problems. Jon made a decision ahead of the game, and chose the IronKey as the best solution for The Royal Marsden which would not cause a problem amongst other trusts accepting it. Jon clarifies his reasoning, -We chose the IronKey solution as it is AES standard hardware encryption which can’t be circumvented, which then puts the onus on the user to make the decision. The central policy management combined with the managed service was another key criteria, so we don’t have to worry about deploying server infrastructure on our network and applications to manage the devices. The fact that we could disable a device if missing in action, and that it would self destruct following a set number of failed login attempts was another strong selling point. IronKey’s onboard digital certification for RSA to consolidate encrypted mobile storage – and strong two-factor authentication in a single device – fitted with what we wanted to do around making it easier to connect to our infrastructure securely from remote locations. Finally, the aesthetics of the device played a part, as it looks credible and from an infection control point of view, it is a waterproof device with a rubberised cap so it can be disinfected – essential for a healthcare institution that prides itself on the standards it sets across the NHS. Once the decision had been made and the devices purchased, The Royal Marsden had a two-fold challenge: getting staff to think differently about security and getting staff to remember to use the devices. Jon explains, -Planning is important with the implementation of any system. Don’t think of IronKey as a straight replacement to your existing insecure USB devices that you buy off the shelf like blank CDs. It’s a key part of your security infrastructure and so you need to think of it as part of your security strategy, and plan how you’re going to deploy it. We Told Everyone… The Royal Marsden thinks as a whole about information security and has a structured communications campaign to ensure information security across the organisation. It introduced a policy that specifically covered the transfer of any data to a USB device. To avoid any ambiguity, it decided to not make a distinction between sensitive and indifferent data – it classes all data equally (when being transferred from the Trust’s PCs) – taking the dilemma away from its staff. The Trust’s policy states it must be on an IronKey. It ran a number of specific communication campaigns to encourage awareness of new policies, and the introduction of IronKeys, which included: top down management briefings; it sent out leaflets with payslips; and targeted emails for key individuals. We Led from the Front… The next approach employed by The Royal Marsden to reduce potential negativity was the tactical deployment of a few initial devices to selected key users. This secured general acceptance within the organisation, prior to critical mass roll out, which it believes has removed resistance to the devices. As knowledge of the security programme and policy on the use of USB devices filtered through the organisation it has found that users proactively request devices, driving their demand and adoption. The Royal Marsden found the deployment to be quite straight forward with only a few minor difficulties – as it familiarised itself with the technology – which were from an operational standpoint rather than the end users experience. Jon explains, -There have been no real problems with the product itself. The technology has been made quite simple to use, but having a strong password protection on USB devices was alien to our users – which they initially struggled with – and which have been down to our zero tolerance policy rather than caused by IronKey. Prior to IronKeys deployment, The Royal Marsden had another solution for remote access and has found the integration seamless, creating a more flexible easy to use solution for its staff. As the RSA token facilitates secure access to the infrastructure, users have just one device – which is also their security device – making it easier for them to think and remember to use it. When asked for any other advice Jon could offer, he said, -Tackle any areas of weakness on a risk priority basis. You need to think of your whole infrastructure and the way that users handle information right through from careless conversations in the canteen that might be overheard through to moving personal information around on USB devices to confidential faxes being left lying around. So introducing technology to combat a problem is just one part of a programme on information security. The Future with IronKey … Since introducing IronKey some devices have gone missing in action but The Royal Marsden has simply disabled them centrally. Tongue in cheek, Jon says -It doesn’t quite self destruct but very close to it! You have the peace of mind that if one should end up in the wrong hands after a few attempts at access it will be permanently inaccessible, which is a strong feature. In terms of what central policy requires us to do – it has certainly met that, and I would go as far to say that it’s better than what some others are using. Going forward The Royal Marsden is quite excited by the opportunities IronKey offers in terms of taking remote access a step further. It has a vision of giving employees a virtual machine that’s run from their IronKey. This will enable staff to work from anywhere securely, thereby controlling how the Trust’s infrastructure is accessed and where data is stored – either the network or an IronKey – with obvious saving implications. It has just started to examine this, and has taken some soundings from its key users, with the possibility of rolling it out early in the New Year, if everything goes to plan. Jon sums it up when he concludes, -If the unthinkable happened, and our data was breached, personally I would be devastated, by both the reputational damage and the shattered trust of the individuals involved. As I have got the responsibility of sourcing and purchasing a solution, I’m not going to settle – to meet the bare minimum to meet Government standards, I’m going to invest in the strongest solution that I possibly can. For Government & Public Sector Journal/magazine
As CEO of i2, Bob Griffin reminded his audience at the recent i2 EMEA User Conference held in Brussels, of what has changed at i2 during the past 12 months. The biggest change and the catalyst for all that has followed since, was the merger of i2, one of the leading providers of intelligence and investigation management software for military, national security, public safety and commercial organisations, and Knowledge Computing Corporation (KCC), providers of COPLINK, which enables tactical lead generation for law enforcement organisations. -It enabled us to merge the digital sensor and data acquisition, analysis and digitalisation capabilities of i2 products such as Analyst’s Notebook with the complex human sensor data capture capabilities inherent in the most widely deployed lead generation tool in the U.S., COPLINK. And in doing so, we have been much better placed to help government and other agencies defeat illegal activities of all kinds. Following the merger, Griffin, previously founder and CEO of KCC, was appointed CEO of i2 and immediately announced that the new larger company would place an even greater focus on innovation. The integrated Intelligence-Led Operations Platform, for example, brought together key elements of the company’s existing solutions set to proactively ‘deter, prevent, predict and disrupt the world’s most sophisticated criminal and terrorist threats’ and other enhancements, including improved visualisation, spatial modeling and navigation, biometrics and open source, significantly enhancing the user experience. -Like all our developments, these were based directly on listening to our customers and acting on what they told us. Users in both the public and private sector confirmed, for example, that in improving their intelligence and response capability their need was typically for a massively scalable enterprise environment, advanced server-side computing capabilities and operational flexibility and deployment. At the same time, collaboration needed to be at the heart of any intelligence platform and, at a user level, the interface had to ‘support the way you work’. Having reviewed the substantial changes to-date, Griffin then confirmed that -2010 was looking even better. In seeking to revolutionise the provision of intelligence support, the company’s mantra, he said, was clear: -to develop transformational technologies to accelerate your mission. Griffin did not underestimate the task facing law enforcement at all levels. -Criminals and terrorists are constantly adapting and finding new ways to subvert the safeguards that protect our society. This means we need to stay constantly one step ahead by finding ways to take action before a critical event occurs. -This is not just about connecting the dots’ it’s about connecting the right dots and understanding what they mean. And when confronted by an ever-increasing amount of data from all angles, our task is to help our customers make sense of the information blizzard. In response, Griffin announced a new initiative, due for launch in the fourth quarter of 2010, -representing the most powerful step we’ve taken towards realising true intelligence-led operations the next generation of intelligence technologies on an enterprise platform. In equipping its software with end-to-end enterprise capability, i2 has combined the DNA of its existing product portfolio, including Analyst’s Notebook, iBase and COPLINK, to bring together investigative analytical, operational and command level staff under one highly secure, open and scalable platform for the first time. The result of this is that i2 users, from the police officer on the street to the senior commander and from the analyst to the front-line soldier, will be able to more easily and effectively utilise technology to prevent criminal and terrorist activity. How will this be achieved? All personnel within a given organisation will have access to an environment that allows for seamless interaction with information in real time. It also enables teams to better configure intelligence data to support all phases of an investigation and connects them to a wider community by searching across third-party, public and proprietary data stores. The enhanced Intelligence-Led Operations Platform incorporates a number of key characteristics. Full enterprise-class capability includes a web front-end, field-level security and high scalability. In addition, it incorporates deployment capabilities supporting both tethered and untethered environments, as operatives out in the field cannot always be connected to the organisation. The ability to access and exploit increasingly important open source data is enhanced with improved search, spider, seek and alerting capabilities. To be truly effective, access to such advanced functionality must be intuitive and here the easy-to-use web face is personalised based on profile, permissions and preferences, with advanced visualisation to aid multi-dimensional analysis. On such examples is the partnership with World-Check, which enables the preloading of i2 Analyst’s Notebook and iBase with World-check’s extensive database of Politically Exposed Persons (PEPs) and heightened risk individuals and organisations. This is mission critical for i2 customers. In the view of William J Bratton, former Los Angeles Chief of Police and New York City Police Commissioner, -what i2’s technology means for these organisations couldn’t be more crucial: stronger analysis, better information and quicker decision-making to unearth connections and take action to prevent crime and terrorism. Looking back at the day of the merger as the starting point of this crucial initiative, Griffin believed: -15 July 2009 was an excellent day for i2 and the forces of law and order – and a bad day for terrorists and criminals.
London, 24th August 2010 – Whilst the media seems pre-occupied with the problems of cybercriminals and hackers causing problems for organisations from outside their network, a survey just published shows that 23 per cent of UK employees will take customer lists and other sensitive data when they leave their employer. “More than anything, this highlights something we’ve been saying for some time, namely that with insider threats, IT managers are fighting a less visible, but not less difficult threat in addition to the well publicised external threats. Staff are precisely the people who have access to data that needs to be secured and carefully controlled,” said Amichai Shulman, CTO of data security specialist Imperva. “In addition, the survey shows that the insider threat is not always the potentially rogue employee for whom a background check has been completed – staff also need to be monitored during their employment as the information may not necessarily be ‘maliciously’ downloaded after the termination notice but rather information was rightfully obtained and collected by the employee over time and actually should have been removed upon termination by the IT Team” he added. According to Shulman, this scenario is similar to the scientist at DuPont who claimed ownership at the formulas he discovered and was part of his work portfolio to be presented at his next company, despite the fact they were allegedly worth $400 million (bit.ly/ahxeHc). In general any documentation that is not explicitly marked as public should be considered sensitive and proprietary by all- The problem with the insider threat in this case, the Imperva CTO says, is drawing the line between what is company intellectual property and what are your skills that you have established over the years. There should be a clear distinction between an employee’s claim regarding the ownership of certain knowledge and the ownership of any materialized form of that knowledge. I’ll give two examples. In the Dupont example, I don’t believe that the employee had any true legal claim regarding the knowledge and most certainly should not be allowed to take the documents with him. In the case of a contact list, there is probably much truth in the fact that these relationships are the employee’s -core competence” (much like a programmer’s coding skills obtained during his employment period). However, retrieving the list of contacts from a company database and storing them to a file should be considered illegal.” Shulman says it is interesting to note that the survey also asked workers what they would do if they were inadvertently granted access to a confidential file – such as one containing salary information, personal data, or plans for a pending merger. The survey revealed that only 57 per cent of UK respondents would look at the file. This figure is surprising as I would have thought that that 99% of people accidently stumbling into such information in the web would have read the file. The fact that the percentage among employees is lower is an indication of loyalty. However, employers still need to be cautious as this shows how existing employees can be considered a snooping risk,” he said, adding that this is a prima facie case for securing access to data within an organisation. “The moral here is that you must secure all your company data and only allow authenticated plus logged access on a carefully controlled access basis,” he said. For more on the SailPoint survey: bit.ly/9bO5Wg For more on Imperva: www.imperva.com
London and San Mateo, Calif., August 24, 2010, An in-depth survey carried out amongst 100 of the elite IT professionals attending this year’s DEF CON 2010 Hacker conference in Las Vegas recently has revealed that hackers view the cloud as having a silver lining for them. And a gold, platinum and diamond one, it seems, as an overwhelming 96 per cent of the respondents to the Fortify Software-sponsored poll said they believed the cloud would open up more hacking opportunities for them. This is being driven, says Barmak Meftah, chief products officer with the software assurance specialist, by the belief from the hackers, that cloud vendors are not doing enough to address the security issues of their services. “89 per cent of respondents said they believed this was the case and, when you analyze this overwhelming response in the light of the fact that 45 per cent of hackers said they had already tried to exploit vulnerabilities in the cloud, you begin to see the scale of the problem,” he said. “While ‘only’ 12 per cent said they hacked cloud systems for financial gain, that still means a sizeable headache for any IT manager planning to migrate their IT resources into the cloud,” he added. According to Meftah, when you factor in the prediction from numerous analysts that at the start of 2010 In the many predictions, he explained, 20 per cent of organizations would own no appreciable IT assets, but would instead rely on cloud computing resources – the same resources that 45 per cent of the DEF CON 2010 attendees in the survey cheerfully admitted to already having tried to hack. Breaking down the survey responses, 21 per cent believe that Software-as-a-Service (SaaS) cloud systems are viewed as being the most vulnerable, with 33 per cent of the hackers having discovered public DNS vulnerabilities, followed by log files (16 per cent) and communication profiles (12 per cent) in their cloud travels. Remember, says Meftah, we are talking about hackers having DISCOVERED these types of vulnerabilities in the cloud, rather than merely making an observation. DEF CON has evolved considerably since the first event was held way back in 1993, and the hackerfest in the last couple of years has attracted 8,500 of the world’s top hackers and IT security researchers. -Anecdotal evidence suggests this year’s Las Vegas event was even more successful, meaning that our survey results highlight the very real security challenges that lie ahead for cloud vendors and security defense professionals,” he said. “More than anything, this research confirms our ongoing observations that cloud vendors – as well as the IT software industry as a whole – need to redouble their governance and security assurance strategies when developing solutions, whether cloud-based or not, as all IT systems will eventually have to support a cloud resource,” he added. “It is of great concern to us here at Fortify that the message about software assurance has still to get through to everyone in the software development community, and the DEF CON survey results strengthen our resolve to get this message across to as large an audience as possible.” For more on Fortify Software: www.fortify.com
On Thursday 26 August officers from Bedfordshire Police will be starting a course to teach them some simple Polish phrases. The course is being run by the Polish British Integration Centre at the Polish Club on Alexandra Road, Bedford, to help Bedfordshire Neighbourhood Police officers and PSCOs communicate with one of the biggest and growing communities in the town and the county. The first session takes place at 2pm on Thursday 26 August and the course lasts for two hours each week, running over the next 10 weeks. Inspector Gavin Hughes-Rowland who leads the Bedford North Safer Neighbourhood Teams explains: -Whilst this basic course will only give our teams a basic understanding of Polish it will help to break down some of the barriers with a community that is not always easy for us to engage with. It is important for the Polish community to see us working towards improving communication with them and that we wish to further build up relationships with them. -It will also mean we can deal with simple matters, like whether someone witnessed an incident, quickly without having to call in a translator and delaying matters. -Over the next few weeks our Safer Neighbourhood Officers will be attending this course to pick up some basic phrases in Polish which will help them when they attend incidents or receive calls. The sort of phrases we are learning are along the lines of -What is your name? Do you have any injuries? Do you have any friends or family that can speak English? but we also want to be able to ask questions like -How would you prefer to be contacted? and – What are your neighbourhood priorities? Bedfordshire Police have told GPSJ that the courses will cost around £800 and is funded by the ‘Migrant Impact Fund’ -The Migrant Impact Fund was announced in the February 2008 Green Paper The Path to Citizenship to manage the transitional impacts of migration and to promote innovative ways of managing the pressures on local services caused by legal migration. The fund was allocated on a regional basis through the Government Offices and awarded through the Local Strategic Partnerships. Bedfordshire Police in conjunction with The Learning Partnership, Central Bedfordshire Council and Bedford Borough Council, obtained a grant under the Bedfordshire Migrant Impact Fund Grant (known as SascO) to provide opportunities for migrant residents in Bedfordshire, within police Service Volunteers and Special Constabulary. As a result of that grant, we have also been able to provide specialist migrant language training and fund a Polish national to undertake a formal Translation course to assist in Polish language translation.
The new coalition government set an early pace with the announcement of over £6bn reductions in spending for the current year, an emergency budget and some important re-ordering of priorities at the centre. But these are small beer compared to the scale of what is planned for the next few years. The government has a responsibility to reduce the public sector deficit; but it equally has an opportunity to achieve a step change in public sector productivity and effectiveness. Appropriately, the body tasked with overseeing this work is called the Efficiency and Reform Group. The real test for ministers is whether they can both achieve the required savings and leave public sector organisations better equipped to deliver high-quality public services. To kick-start the debate about how we do this, the MCA recently published a new report: 21st Century Government: Adding value, cutting the deficit. It sets out some outstanding case studies of the work that MCA member companies have recently completed with central government clients, helping to deliver significant cost savings along with much appreciated improvements in public services. Modern consultancy is less about writing impressive reports; our member firms are engaged in the practical world of delivery, efficiency and implementation. They make a real difference â€- not just in back office improvements but directly to frontline services. Examples of work by consultancies to enhance frontline services include KPMG’s work with The Home Office (UK Police Forces) and Atos Consulting’s work with West Midlands’ Strategic Health Authority. KPMG’s pioneering work improved police performance, enhanced public satisfaction, and identified over £100million of operational efficiency savings across fifteen UK forces. And Atos improved A&E performance – reducing waiting times and delayed discharges whilst identifying 21 projects with potential recurring savings of nearly £50million over a three year period. Management consultancy’s future role In the immediate aftermath of the general election, of course, ministers have put severe constraints on this sort of ‘discretionary’ spending. Understandably, perhaps, they wanted to check what is being spent and why. There is wide recognition that central government’s consulting spend must be rigorously focussed on projects that generate a high-value return. But no organisation, public or private, could afford to recruit and retain full time staff with all the capabilities and knowledge that is needed to undertake everything that needs to be done, particularly during a time of massive change and transformation. And every organisation, particularly those which are so vital to Britain’s success, should want to have access to the most skilled and best-informed outside advice, new thinking and assistance. Consulting will, however, remain controversial until politicians are reassured that it delivers significant value and the whole industry lives up to the standards and levels of professionalism set out, for instance, in the MCA’s Code of Practice. Here are three areas where change could generate real benefits â€- for the taxpayer and for the consulting industry. Delivering more value First, let’s make sure that consultancy work generates the best possible value for clients. Consultancies are being challenged to demonstrate that they deliver outstanding value for money and that they work, in the words of the MCA’s Code of Practice, by -putting their clients’ interests first.†So we want to see more emphasis on outcomes achieved and value delivered. There should be more rigorous testing of whether work can be done in-house before consulting is commissioned. And each project should be based on a clear statement of goals and the value expected from the consulting team. MCA research suggests that the return on investment from consultancy is significant. On average, and across the range of work carried out by MCA member firms, consultancy generated benefits equivalent in value to £6 for every £1 spent. The majority of clients told us that the value to them was worth between two and twenty times fees paid. That’s where the focus of the new thinking about consultancy in the public sector should be. Clarity between genuine management consultancy and interims Second, we should end the confusion between genuine management consultancy and the use of interims or contractors as substitutes for full-time staff. Too often, these two are muddled; they are different services which meet very different needs. Contractors and interims can provide a stop-gap when an organisation is finding it difficult to recruit full-time staff. Management consultants, by contrast, are better used on projects where speed of delivery is important, an independent perspective is valued, and where it would not be effective to hire in the expertise involved on a permanent basis. Our research with member companies suggests that central government spent around £640m in 2009 on management consultancy. By contrast, nearly £1300m was spent on temporary staff, contractors and interim managers, often replacing full-time staff at an inflated price. The blurring of the line between consultancy and staff substitution creates frustration within both government and the consulting industry, and is short-changing the taxpayer. It is true that each can provide real value when used appropriately; problems arise when there is a lack of clear thinking about the different roles that each should play. Too much money has been spent using temporary staff when a shorter and more productive consultancy project was what was really needed. Work together Finally, let’s work better together. Relationships between government clients and their consultancies need to be less transactional. Consultancies should be more ready to offer thinking and advice before a tender is issued; clients should be open to dialogue and debate with the industry and be prepared to share ideas on strategy and priorities much more readily. Both should routinely prioritise the transfer of skills and knowledge from consultants to their clients; a key objective of management consulting is to leave clients better equipped for their future. A Treasury-sponsored report in 2009 celebrated the UK’s management consulting industry as a ‘world leader’. The Government will want to make good use of its services if they are to achieve the changes and savings implied by their recent announcements. Taxpayers rightly demand both high quality services and value for money, including from consultancies. These changes will help to ensure that government and the consulting industry deliver them.
‘Whilst there are areas for improvement in the current policing arrangements, I am extremely sceptical that USA-style elected commissioners and an FBI-esque National Crime Agency are the answer to our problems. I have no axe to grind with the US or its system of government, but I do know its different from the UK, and not everything from across the Atlantic can be imported and transplanted here. Now is not the time to experiment with untried, untested and uncosted structures superimposed on UK policing. The Local Government Association (LGA) has summarised this: -In difficult financial circumstances, we have to ask if this is the right time to change structures through additional elections, which could cost the same as 700 police officers.” ‘I’m also absolutely convinced that the Government is moving with indecent haste on these initiatives. On Monday (26 July) it published ‘Policing in the 21st Century: Reconnecting police and the people’ – as far as any commitments in the Coalition Agreement are concerned, the Government is not consulting on whether they should happen, but how best they can be implemented. I admire the Government’s resolve and sense of purpose but there are a whole range of alternative models and reforms that, at the very least, ought to be considered and debated. Colleagues from the Local Government Association (LGA) have some interesting suggestions, and whilst I may not agree with them on every detail they have a credible and legitimate argument. As far as I’m concerned the Government has not made the case for Commissioners – I sat and watched, like millions of others, three leadership debates on TV – during the recent election campaign and there wasn’t one mention of, or reference to, directly elected Commissioners, not one. ‘I do understand the Coalition Government’s desire to get on with introducing radical change, that’s perfectly natural but it has a higher duty and responsibility to govern wisely and well. Occasionally that may take a little longer but it will reap benefits in the long run, who wants to be associated with a disastrous policy that’s hastily conceived and implemented poorly? In my view there should be a much more wide-ranging and thorough assessment of the alternative models and current system before embarking on reform. Policing involves the state legitimised use of force, the right to deprive individuals of their liberty – it doesn’t get more important than this and its essential that the Government gets it right – hindsight doesn’t win any prizes or provide comfort to those who could be ill-served by these proposals. ‘I’m the serving Chair of a Police Authority and yes I’m facing abolition in the light of these proposals, but this is not the reason why I am speaking out. Its because I care passionately about policing in Kent. I’ve been privileged to serve on the Police Authority for almost 10 years now, and during my five years as Chair of the Kent Police Authority we have: Rolled out neighbourhood policing across Kent and Medway. This includes 13 District based Task Teams to tackle anti-social behaviour and crime Achieved all this and more whilst having one of the very lowest levels of police council tax across counties in England and Wales ‘Now I think that’s a good track record, one that we can be proud of and a legacy that I want to protect. Those significant improvements have been led by a Police Authority of 17 members, made up of elected councillors and local people, appointed through a competitive selection process. I would argue that our successes are, in no small way, attributable to these complementary skill sets and the overriding tendency of local politicians to leave party politics outside, and concentrate on delivering the best possible policing for communities. All the powers ascribed to the Commissioner currently sit with Police Authorities, and in Kent, and elsewhere, we have shown that Police Authorities can be effective. ‘Fundamentally the Government’s problem is this – it is committed to introducing directly elected Commissioners but it doesn’t know how it will work in practice, or how it fits with the policing landscape as a whole. There’s too little substance, and too little detail, in its proposals to use them as the basis for reform. There are so many gaps, the case for taking the time to evaluate all the options, in a considered and measured fashion, is overwhelming. ‘I admit Police Authorities haven’t always got it absolutely right, and there is still a real challenge for us in terms of raising public awareness and visibility – but those problems are solvable given the political will. I think the Government’s rush to reorganise policing and ill-thought through structural reform, is foolish. Especially at a time when the police service is wrestling with the biggest financial crisis in living memory. The scale and scope of the proposed change will act as a massive distraction as the police service looks to drive through savings and efficiencies on an unprecedented scale whilst maintaining, and where possible improving, the service provided to the public. The Government’s proposed course of action, quite simply, doesn’t serve the best interests of local communities. ‘My personal plea to Ministers is to pause for a moment. Let’s reflect on the critical importance of policing reform, weigh the options up carefully, consult meaningfully with all shades of opinion and, in short, make every effort to get this right. Rapidly enacting reform and change isn’t an end in itself, the prize is for police reform that’s sustainable, sits comfortably with our British model of policing, and serves the best interests of local communities.’
The Liberal Democrats are taking advantage of Web 2.0 technology to help run their headquarters, improve communication within the party and share materials with campaigners across the UK. Using Huddle, the Liberal Democrats are connecting more than 1,500 party campaigners and volunteers at a local level to share central campaign materials. In the run up to the general election, there were more than 46,500 document viewings in the party’s online workspaces. To help local candidates get elected and spread the party’s messages, volunteers can now work securely with other people online and access training documents and artwork. During the general election campaign, the Liberal Democrats’ Media Intelligence Unit, set up by the party’s press office, also established a 24 hour media monitoring rota so that press coverage could be analysed and media feedback recorded. All press articles were stored in Huddle to ensure that everyone could view the media’s response to the party’s campaign efforts. Prior to deploying Huddle, the Liberal Democrats were relying on email and an extranet to communicate across teams. Recognising that the internal IT system was struggling to cope with the volume of emails and it was difficult to share files with people outside of the party, the Liberal Democrats chose Huddle to improve collaboration and connect with party colleagues, volunteers and conference organisers. -It was becoming increasingly apparent that the party needed to replace its ailing extranet with technology that could be tailored for different teams,” said Sam Lockwood, Web & E-Communications Technology Manager, Liberal Democrats. -While Huddle was initially deployed for file sharing, we quickly realised that it has multiple other functions and groups across the party are now using it to manage projects, organise conferences and have discussions. Our Federal Conference Committee, which is responsible for running our two annual conferences, uses Huddle to manage and organise these events with external support staff. Huddle’s flexibility has enabled the party to realise the benefits of cloud computing and increase efficiencies. ” The Liberal Democrats’ Policy Response Unit has set up an online workspace from which parliamentary candidates can access and search for required policy information. A workspace has also been established to meet the specific needs of the Scottish Liberal Democrats, so that members have access to Scottish policy briefings and responses. -Recognising the value of using social media in politics following Barack Obama’s successful election campaign in 2008, the 2010 British general election saw all three mainstream parties use tools such as Twitter and Facebook to reach and engage voters,” said Alastair Mitchell, Co-founder and CEO, Huddle. -This year, we’ve already seen a big increase in government departments and organisations deploying Web 2.0 internally to boost communication and increase efficiency. The Liberal Democrats have placed Web 2.0 at the heart of party communications and we expect more organisations to follow suit and deploy tools that help them to work better together and save money.” Huddle currently has 60 per cent government penetration, including customers such as the Home Office, the Department for Culture, Media and Sport and the Department for Business, Innovation and Skills.
|
NEED AN UP TO DATE DATABASE? 
  |
Recent Comments