“Protect accidental or intential release of backup/recovery tape data with data encryption used in IBM’s Tivoli Storage Manager.”
…The newspaper headline read, “U.S. National Corporation Freely Releases Customer Information on the Internet.” The article begins, “U.S. National Corporation [USNC] earlier today provided public access to confidential customer information including names, addresses, social security numbers, and credit card numbers. The customer information was apparently routed internally to personnel not authorized for viewing. In accordance with ‘full disclosure reporting,’ USNC has posted the information in a file on their website and made it available for download and viewing.”
Further down in article, the CEO is quoted as saying, “…when we discovered that our customers’ records were mishandled, the board of directors decided to release the information on the Internet so that there could be no question of our guilt.” The article goes on to explain how a company human relations manager received an e-mail with the offending file attached. The file, created by the company’s backup / recovery system, was supposed to be delivered to customer support personnel that handles customer complaints but was incorrectly addressed by the sender.
Although there have been several well publicized incidents of accidental “leaks” of customer information in the past several years, this is the first known intentional release of such information on the Internet.
Susan Blume, USCN’s Director of Internet Security, was vehemently opposed to the release of customer information. In a phone interview, she expressed “extreme concern for the well-being of our customers. …there are thousands of individuals with criminal intent that would love to get their hands on the kind of information that was posted on our web site.” She added, “The Board of Directors believes that no one is sinister enough to use the information for evil purposes. I know better.”
Outrageous Disclaimer
In a press release, USNC’s CEO, explained, “We have procedures in place that were not followed. The offending employees have been disciplined. [Still], for sake of full disclosure and transparency, acts performed by the company that may be detrimental to customers will result in a ‘full and transparent’ public report…”
According to the CEO, company policy requiring full disclosure of compromising incidents was added to the USNC’s by-laws after the United States government assumed partial company ownership in the 2009 bailout. “Despite potential harm to our reputation and potential identity theft of our customers, we believe that we’ve achieved our goal of total transparency. The customers freely provided their information to us. We disavow fault if harm comes to them as a result of their information being disclosed publicly.”
No Way!
Of course the article above is pure nonsense and the event never really happened. No right minded board of directors or CEO would intentionally allow the release of information for public access that criminals could use to cause harm. Every company should protect its proprietary information from external access with every means possible. A company’s reputation (and chances for survival) is at extreme risk after unintended dissemination of information.
Protect What’s Important to Avoid Criminal Acts Against Your Customers
With this in mind, why is the US Congress preparing to allow dissemination of documentation that will incite criminals to bring harm to US citizens?
Consider the actions taken earlier this month by at least one congressional committee to strip an amendment barring the release of supposed torture pictures of terrorist suspects. US Senators proposed an amendment to block the release of photos that may inflame anti-American sentiment with people that mean to do us harm.
The photos in question are, in our President words, “…not particularly sensational…but they do represent conduct that did not conform with the Army manual. That’s precisely why they were investigated… and where appropriate, sanctions have been applied.” The President added, “This is not a situation in which the Pentagon has concealed, or sought to justify inappropriate action…” Like the fictional leak of information in the story above, it should be a “no-brainer” to approve legislation to block the release of the damaging information.
Regardless, the ACLU sued for the release of the photos citing the Freedom of Information Act.
In May, our President challenged a court decision (in favor of the ACLU) saying, “The most direct consequence of releasing [the photos], I believe, would be to further inflame anti-American opinion and to put our troops in greater danger.” The President said that he would seek to block the court-ordered release of the photos citing recommendations from US generals. The generals expressed concern that the photos could be used by terrorist organizations for recruitment purposes and to incite increased anger against the US, resulting in violence towards American troops and citizens.
Still, Speaker of the House reports that the amendment proposed by the Senators is likely to be stripped from legislation in committee.
If the photos are released, brave US soldiers serving in the Middle East and US citizens world-wide would be likely targets of terrorist attacks from radicals intending to do harm to the United States. It is logical to assume that terrorist activity against America will increase if the photos are made public.
As in the fictitious story about USNC above, public dissemination of damaging information is illogical. No right minded company would ever intentionally release information that would cause harm to its customers. Likewise, no honorable government should ever provide information that aids enemies sworn to harm to its citizens. Companies and governments alike should invest in technology and promote laws / policies designed to prevent accidental, malicious, or intentional dissemination of proprietary / classified information.
The US Congress should do the honorable thing and block the release of the photos. If Congress does not do their job and protect US troops and citizens, then the President should sign an executive order preventing the release of photos. It is the job of the President and Congress to prevent harm to the people and country they are sworn to protect.
Technical footnote: If the backup/recovery tape that was released by USNC had been created by IBM’s Tivoli Storage Manager, the data would have been encrypted. Without security keys, the customer data in the file (even though it was posted on the Internet) would have been nearly impossible to read.
i’m usually wandering about the web most of the time which means that I have the inclination to browse a bunch, which isn’t always a good option as a great number of the web sites I find are made up of pointless waste copied from some other internet websites a thousand times, nonetheless I gotta give you props this page is in truth decent and also contains a lot of unique material, for that reason thank you for smashing the fad of just duplicating other peoples’ blogs and forums, in case you ever want to play a few hands of zynga poker with me let me know – you have my e mail