Wednesday, July 19, 2006

DIACAP is READY!!

**Update: Its 2014 and a LOT has changed.  For one thing, the DIACAP is now getting phased out and superseded by Risk Management Framework for Department of Defense IT.  The document is still DoDI 8510.01 but the content is MUCH different.  Its based on NIST 800-37, RMF for Fed systems.**

What is scary, is that my blogs are on google above some of the most informative pages about DIACAP. For this reason, the government should have secured blogs and or forum (.mil/.gov only) to allow faster access to this kind of extremely important information. C & A, security engineering and IA officers get information much faster than the Gov't can publish. A security forum or secure blogs would allow some email that we get on the latest news on IA issues to be posted immediately without fear of giving out unauthorized data over the Internet. Just one mans oppinion.

DoD 8510.bb is signed and will supercedes DoDI 5200.40 and DoDI 8510.1-M. The DIACAP Knowledge Service site is up and ready to go:
https://diacap.iaportal.navy.mil. (.gov, .mil only)
More information on the DIACAP - http://www.sdissa.org/downloads/Revised_DIACAP_KS_eMASS_Brief ISSA_10-28-05.ppt


What I don't get is how to get to eMASS.

Unless I have read wrong, the "Enterprise Mission AssuranceSupport System" (eMass) is supposed to be the main feature for automating and streamlining the Certification and Accreditation process. It seems that you have to get some sort of software to get access to eMass. Not sure, I'm researching this while reading up on the new DIACAP documents.
Here is some contact information on how to get on eMass - https://diacap.iaportal.navy.mil/ks/links2/emass.aspx

Wednesday, April 26, 2006

DIACAP Guide

This slide will tell you everything you need to know for now about the upcoming
DIACAP:

http://www.sdissa.org/downloads/Revised_DIACAP_KS_eMASS_Brief

According to rumors about the DIACAP, the document (8510.bb) is waiting to be signed. DoD 8510.bb will be the DIACAP Instruction guide. The DoD 8510.bb, Defense Information Assurance Certification and Accreditation Process will replace the 5200.40, DoD Information Technology Security Certification and Accreditation Process (DITSCAP) and 8510.1-M, Department of Defense Information Technolgoy Security Certification and Accreditation Process (DITSCAP) Application Manual.

READ MORE on the DIACAP Guide.
Replaced with DIARMF now known as DoDI Risk Management Framework for DoD IT (8510.01)
2014

Tuesday, September 27, 2005

e-Eye Retina Vulnerability Scanner replaces ISS

e-Eye Digital Security hit a homerun in 2004 when they won the $6 Million dollar Defense Information System Agency’s I-ASSURE contract which will allow their robust e-Eye Retina Vulnerability Scanner to be used on DOD systems world wide.

The Retina Vulnerability Scanner will be used to measure compliance with Department of Defense (DoD) Computer Emergency Response Team (CERT) Information Assurance Vulnerability Management Notices.

The DOD used to use Internet System Security (ISS) vulnerability assessment tools exclusively for this task. However, on 30 September 2005 the ISS vulnerability tools will no longer be used by the Department of Defense.

This comes at a time of the "cover up" CiscoGate controversy which involved ISS. On July 2005, Michael Lynn, a former research analyst with Internet Security Systems, resigned from the company just before releasing a major flaw in Cisco routers (many of which are on critical infrastructures).

According to Lynn, Cisco and ISS allowed him to speak about the flaw at the Black Hat but suddenly changed their minds at the last minute attempting to shut Lynn up with legal action. Cisco and ISS were trying to protect there shareholders at the cost of all the customers, organizations and nations that depend on the Cisco routers. From an ethical perspective, this was not a great way for an Internet System Security company to act.

It will be interesting to see if e-Eye Digital will be more ethical than ISS as it comes to power. Something very evil tends to happen when large groups of people get together to gather large sums of money.

As stated above, after Friday, 30 Sept 05, the ISS scanner will no longer be available. You should be able to download the new e-Eye Retina Network Security Scanner from one of the DISA pages:

ISS/Retina Vulnerability Scanners (DOD):

e-Eye Retina Network Security Scanner(SCCVI)
http://iase.disa.mil/stigs/iss/index.html
http://iase.disa.mil/stigs/iss/retina.html



eEye Digital Security and DISA press release:

http://www.eeye.com/html/company/press/PR20040623.html



Official Word from DISA

Information Assurance Support Environment:

DISA IA Announcement: DISA will be converting from using Internet Security Scanner to the e-Eye Retina Network Security Scanner(SCCVI) effective 1 Aug 05 for all security reviews, compliance validations, certification efforts, etc. All open findings related to a penetration test conducted with the ISS tool will be archived (closed) as a Retina penetration test is conducted by DISA. The ISS findings are still valid open findings that need to be worked and closed by the site. However, sites are highly encouraged/recommended to perform a self-assessment using the Retina scanner, as soon as they receive the tool.

Information, online training, and Retina software can be obtained from the http://iase.disa.mil website.



eEye Digital Security

http://www.eeye.com/html/index.html

Retina Network Vulnerability Scanner:

http://www.eeye.com/html/products/retina/index.html



Resources

ISS is Shady

e-Eye Press release

Inside CiscoGate

Lynn’s Lawyer


Cisco & ISS vs. Lynn

Tuesday, September 20, 2005

First Step in Completing the SSAA

In my opinion understanding the system you are working on is the most important part of writing an System Security Authorization Agreement (SSAA). Once you have an understanding of the how the system works, why the system is necessary and what the current status of the system is it becomes much easier to put the pieces together.

Although the SSAA is a very detailed document, much of the data in the document is filler information. You are gathering information on the system or the system being created in order to put together a comprehensive account of security of the system.
If you look at the outline below, you will see that much of the items require in the SSAA should already exist:

1. MISSION DESCRIPTION AND SYSTEM IDENTIFICATION

2. ENVIRONMENT DESCRIPTION

3. SYSTEM ARCHITECTURAL DESCRIPTION

4. ITSEC SYSTEM CLASS

5. SYSTEM SECURITY REQUIREMENTS

6. ORGANIZATIONS AND RESOURCES

7. DITSCAP PLAN

SSAA OUTLINE <--- HERE

The difficultly comes when you have very little information of resources (such as engineers who have worked on the system or old documentation). That is when the SSAA gets tricky and each paragraph becomes like a mountain you must conquer.

I’ve found that most of my challenges come from legacy systems that do not fit into the modern day security needs of the organization. When this happens I don’t panic. I’m simply assessing the system an reporting the facts. It is the Designated Approval Authority that must ultimately take the risk.

Monday, September 19, 2005

Use Tags to Research ISPs, SSAAs or whatever

Del.icio.us & and Technorati are great site you can use to research C4ISP/ISP, SSAA or whatever you want. Since these sites are a whole new way to web lets start from the begining.

There is a new branch of the Web growing like a well organized storm cloud. This recent trend on the Web can be used to strengthen your presence with major search engines and reach an active audience that is highly interested in your content.

Welcome to the world of "folksonomy" and "tagging."

What is Folksonomy and Tagging?

Folksonomy is a combination of the words folks and taxonomy meaning "people classification management." This allows users some level of control over how the web is organized. One of the most popular tools of the folksonomy concept is tags. Tagging, in the context of this article, is the process of labeling a piece data with metadata.

Using Tagging & Folksonomy to Advertise

Three of the most effective sites currently using tags and/or folksonomy are: Del.icio.us, digg.com, and technorati. Each of these sites is a major player in the folksonomy world.

Del.icio.us is a social bookmarking web application that is growing very fast in popularity. With a free account, del.icio.us users can submit and access all of their bookmarks from any computer with Internet access. By submitting and tagging your own web pages, you instantly give access to thousands of other users with interests in the same tags. Encouraging site visitors to submit your selected webpages to their own del.icio.us bookmark page is a very good way to get more exposure to del.icio.us users. Submitting to del.icio.us is instant and it creates meaningful relevant links important to the major search engines.

Digg.com is mostly a technical news site. If you are familiar with the Web phenomenon Slashdot, then digg will remind you of that geek culture. The difference is that ALL of digg's content is created, submitted, and judged by its audience. If your page, blog or online article is good enough to be "dug" by digg users, you could receive literally hundreds of unique visitors immediately. Virtually any participation (comments, submissions, links in your profile) can get your site traffic from digg. The beauty of digg is that it is so popular that many submissions to digg can instantly dominate some keywords on search engines such as google.com.

Technorati.com is a power house in the world of tagging. If you have a blog, Technorati should become one of your favorite search engines on the World Live Web. Many Technorati Tags are beginning to dominate the Web by having constantly updated, fresh blog content on highly focused subjects. The beauty of Technorati is that blog application such as blogware and others are completely integrated with it allowing blog categories to be instantly tagged and syndicated into the blog search engine. Any blog can be manually added as well to technorati's very open tagging system. Like digg, even if you only happen to get a trickle of traffic from technorati itself many times the link value alone will sky rocket the speed in which your site rank in the search engines.

There are many other folksonomy sites that can help you with "tag syndication." With its encouragement to get users to submit their own RSS feeds as content, My Yahoo! is a great way to increase traffic and links. Web applications like TagCloud integrates RSS and tagging while wikipedia.org is method of allowing social webpage and content development. All these methods and many more have two great things in common 1) they are free (as of this writing) and 2) they give the power to reshape and categorize the Web to the people. If content is King then content management is the the kingdom.

Sunday, September 18, 2005

Security Risks and Ways to Decrease Vulnerabilities in a 802.11b Wireless Environment

Introduction

This document explains topics relating to wireless networks. The main topics discussed include, what type of vulnerabilities exist today in 802.11 networks and ways that you can help prevent these vulnerabilities from happening. Wireless networks have not been around for many years. Federal Express has been using a type of wireless networks, common to the 802.11 networks used today, but the general public has recently just started to use wireless networking technology. Because of weak security that exists in wireless networks, companies such as Best Buy have decided to postpone the roll-out of wireless technology. The United States Government has done likewise and is suspending the use of wireless until a more universal, secure solution is available.

Background

What is Wireless?

Wireless LANs or Wi-Fi is a technology used to connect computers and devices together. Wireless LANs give persons more mobility and flexibility by allowing workers to stay connected to the Internet and to the network as they roam from one coverage area to another. This increases efficiency by allowing data to be entered and accessed on site.

Besides being very simple to install, WLANs are easy to understand and use. With few exceptions, everything to do with wired LANs applies to wireless LANs. They function like, and are commonly connected to, wired Ethernet networks.

The Wireless Ethernet Compatibility Alliance [WECA] is the industry organization that certifies 802.11 products that are deemed to meet a base standard of interoperability. The first family of products to be certified by WECA is that based on the 802.11b standard. This set of products is what we will be studying. Also more standards exist such as 802.11a and 802.11g.

The original 802.11 standard was published in 1999 and provides for data rates at up to 2 Mbps at 2.4 GHz, using either FHSS or DSSS. Since that time many task groups have been formed to create supplements and enhancements to the original 802.11 standard.

The 802.11b TG created a supplement to the original 802.11 standard, called 802.11b, which has become the industry standard for WLANs. It uses DSSS and provides data rates up to 11 Mbps at 2.4 Ghz. 802.11b will eventually be replaced by standards which have better QoS features, and better security.

Network Topology

There are two main topologies in wireless networks which can be configured:

Peer-to-peer (ad hoc mode) – This configuration is identical to its wired counterpart, except without the wires. Two or more devices can talk to each other without an AP.

Client/Server (infrastructure networking) – This configuration is identical to its wired counterpart, except without the wires. This is the most common wireless network used today, and what most of the concepts in this paper apply to.

Benefits of Wireless LANs

  • WLANs can be used to replace wired LANs, or as an extension of a wired infrastructure. It costs far less to deploy a wireless LAN than to deploy a wired one. A major cost of installing and modifying a wired network is the expense to run network and power cables, all in accordance with local building codes. Example of additional applications where the decision to deploy WLANs include:
  • Additions or moves of computers.
  • Installation of temporary networks
  • Installation of hard-to-wire locations

Wireless LANs give you more mobility and flexibility by allowing you to stay connected to the Internet and to the network as you roam.

Cons of Wireless LANs

Wireless LANs are a relatively new technology which has only been around since 1999. With any new technology, standards are always improving, but in the beginning are unreliable and insecure. Wired networks send traffic over a dedicated line that is physically private; WLANs send their traffic over shared space, airwaves. This introduces interference from other traffic and the need for additional security. Besides interference from other wireless LAN devices, the 2.4 GHz is also used by cordless phones and microwaves.

Security Issues of WLANs

  • War-driving


    War-driving is a process in which an individual uses a wireless device such as a laptop or PDA to drive around looking for wireless networks. Some people do this as a hobby and map out different wireless networks which they find. Other people, who can be considered hackers, will look for wireless networks and then break into the networks. If a wireless is not secure, it can be fairly easy to break into the network and obtain confidential information. Even with security, hackers can break the security and hack. One of the most prevalent tools used on PDAs and Microsoft windows devices is, Network Stumbler, which can be downloaded at http://www.netstumbler.com. Equipped with the software and device, a person can map out wireless access points if a GPS unit is attached. Adding an antenna to the wireless card increases the capabilities of Wi-Fi. More information can be found at: http://www.wardriving.info and http://www.wardriving.com to name a few.


  • War-chalking

    War-chalking is a method of marking wireless networks by using chalk most commonly. War-driving is usually the method used to search for networks, and then the person will mark the network with chalk that gives information about the network. Some of the information would include, what the network name is, whether the network has security, and possibly the contact information of who owns the network. If your wireless network is War-chalked and you don't realize it, your network can be used and/or broken into faster, because of information shown about your network.

Eavesdropping & Espionage

Because wireless communication is broadcast over radio waves, eavesdroppers who just listen over the airwaves can easily pick up unencrypted messages. These intruders put businesses at risk of exposing sensitive information to corporate espionage. Wireless LAN Security – What Hackers Know That You Don't www.airdefense.net Copyright 2002

Internal Vulnerabilities

Within an organization network security can be compromised by ways such as, Rouge WLANs (or Rouge Aps), Insecure Network Configuration, and Accidental Associations to name a few.

Rouge Access Points – An employee of an organization might hook up an access point without the permission or even knowledge of IT. This is simple to do, all a person has to do is plug an Access point or wireless router into an existing live LAN jack and they are on the network. One statistic in 2001 by Gartner said that, “at least 20 percent of enterprises already have rouge access points.” Another type of attack would be if, someone from outside the organization, enters into the workplace and adds an Access Point by means of Social Engineering.

Insecure Network Configurations - Many companies think that if they are using a firewall or a technology such as VPN, they are automatically secure. This is not necessarily true because all security holes, big and small, can be exploited. Also if devices and technologies, such as VPNs, firewalls or routers, are mis-configured, the network can be compromised.

Accidental Associations – This can happen if a wireless network is setup using the same SSID as your network and within range of your wireless device. You may accidentally associate with their network without your knowledge. Connecting to another wireless LAN can divulge passwords or sensitive document to anyone on the neighboring network. Wireless LAN Security – What Hackers Know That You Don't www.airdefense.net Copyright 2002

Social Engineering – Social Engineering is one of the most effective and scariest types of attacks that can be done. This type of attack really scares me and can be done for many other purposes besides compromising security in wireless networks. A scenario: Someone dressed up as a support person from Cisco enters the workplace. The secretary sees his fake credentials and lets him get pass the front desk. The impersonator walks from cubicle to cubicle, collecting user names and passwords as he/she goes. After finding a hidden corner, which seems to be lightly traveled, he plugs an insecure Access Point into the network. At the same time he configures the Access Point to not broadcast its SSID and modifies a few other settings to make it hard for the IT department to find this Rouge Access Point. He then leaves without ever being questioned by anyone because it looks like he just fits in. Now, all he has to do is be within 300 feet from the access point, (more if he added an antenna), and now has access to all kinds of secure documents and data. This can be a devastating blow to any corporation and could eventually lead to bankruptcy if the secrets of the company were revealed to competitors.

Bruce Schneier came to my classroom and said the following about Social Engineering, “Someone is just trying to do their job, and be nice. Someone takes advantage of that by targeting this human nature. Social Engineering is unsolvable.”

Securing Wireless Networks

According to Bruce Schneier and others such as Kevin Mitnick, you can never have a totally secure computing environment. What is often suggested is to try and control the damage which can be done if security is breached. One can try many different tools on the market which can help prevent security breaches.

WEP – WEP supports both 64 and 128-bit keys. Both are vulnerable, however, because the initialization vector is only 24-bits long in each case. Its RC4 algorithm, which is used securely in other implementations, such as SSL, is quite vulnerable in WEP. Http://www.infosecuritymag.com/2002/jan/cover.shtml Wireless Insecurities By Dale Gardner. Different tools exist to break WEP keys, including AirSnort, which can be found at www.airsnort.net. Although this method is not a secure solution, it can be used to help slowdown an attacker if other means are not possible financially or otherwise.

VPN and IPSec - IPSec VPNs let companies connect remote offices or wireless connections using the public Internet rather than expensive leased lines or a managed data service. Encryption and authentication systems protect the data as it crosses the public network, so companies don't have to sacrifice data privacy and integrity for lower costs. A lot of VPN's exist on the market today. An important note about VPNs is, interoperability does not really exist, and whatever you use for your server has to be the same brand as your clients most of the time. Some VPNs include:

  • Borderware
  • BroadConnex Networks
  • CheckPoint
  • Cisco
  • Computer Associates

DMZ – Adding this to your network enables you to put your wireless network on an untrusted segment of your network.

Firewalls – Firewalls are all over the place. Firewalls range from hardware to software versions. By adding a firewall between the wireless network and wired network helps prevent hackers from accessing your wired network. This paper doesn't go into specifics about different firewalls and how to set them up, but there are many. Some of the firewalls include:

  • ZoneAlarm (an inexpensive based software firewall) Zonelabs.com
  • Symantec has many different firewalls depending what you require.

PKI - Public-key infrastructure (PKI) is the combination of software, encryption technologies, and services that enables enterprises to protect the security of their communications and business transactions on the Internet. What is PKI? http://verisign.netscape.com/security/pki/understanding.html

Site Surveys – Site Surveys involve using a software package and a wireless device to probe your network for Access Points and security risks.

Proactive Approaches

Since wireless technology is insecure, companies or anyone can take a proactive approach to try and identify hackers trying to gain access via wireless networks.

Honeypots – are fake networks setup to try and lure in hackers. This enables administrators to find out more about what type of techniques hackers are using to gain access. One product is Mantrap created by Symantec.

“ManTrap has the unique ability to detect both host- and network-based attacks, providing hybrid detection in a single solution. No matter how an internal or external attacker tries to compromise the system, Symantec ManTrap's decoy sensors will deliver holistic detection and response and provide detailed information through its system of data collection modules.”

http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=157

Intrusion Detection – Intrusion Detection is software that monitors traffic on the network. It sounds out a warning if a hacker it trying to access the network. One such free product is Snort.

“Before we proceed, there are a few basic concepts you should understand about Snort. There are three main modes in which Snort can be configured: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply reads the packets off of the network and displays them for you in a continuous stream on the console. Packet logger mode logs the packets to the disk. Network intrusion detection mode is the most complex and configurable configuration, allowing Snort to analyze network traffic for matches against a user defined rule set and perform several actions based upon what it sees.” http://www.snort.org/docs/writing_rules/chap1.html#tth_chAp1

Network Monitoring - Network Monitoring would be products such as snort that monitor the flow of traffic over the network.

Quick tips and tricks

  • When setting up wireless networks and access points there are a few quick steps that can be taken to immediately secure the network, even though it does not make it secure. Some of these ways include:
  • Change your default SSID: each router or access point comes with a default SSID. By changing this it can take longer for an attacker to know what type of device he is trying to hack.
  • Change the default password – generic default passwords are assigned to access points and routers. Sometimes the password is admin. By changing this password, the attacker cannot modify settings on your router as easily.
  • Disable broadcasting SSID: By default AP's broadcast their SSIDs, if you shutoff this setting it is harder for outsiders to find your AP.
  • Enable MAC filtering: WARNING: this can only work in smaller environments where a centralized access list does not need to be maintained. You can enable only specific wireless cards to access the AP by only enabling those MAC addresses.
  • Turn off shares: If security is important, scanning for shares and turning off the shares on the network can help. Also encrypting sensitive data can prevent hackers from accessing the data.
  • Put your wireless access points in a hard to find and reach spot.
  • Keep your drivers on all wireless equipment updated. This helps patch existing security vulnerabilities.
  • Read current press releases about emerging wireless news.

About The Author

Richard J Johnson

Network+ Certified

RJ Computer Consulting

http://rjcomputerconsulting.com

Richard@johnsorichard.com

Saturday, September 17, 2005

Hacking Threats and Protective Security

Written by: Michael Hart

The 1998 Data Protection Act was not an extension to, but rather a replacement which retains the existing provisions of the data protection system established by the 1984 legislation. The Act was to come into force from 24 October 1998 but was delayed until 1st March 2000.

In addition to data, manual records were to be brought within the terms of the new data protection system, thus allowing subject access rights to access to such records.

Due to the allowances made for existing institutions to be brought into compliance with the new legislation, manual data processing that began before 24 October 1998 was to comply with the new subject access accommodations of the Act until 2001.

Now 4 years later there are still unresolved issues such as the security threats presented by computerisation, these can be broadly divided into 3 broad categories:

Incompatible usage:
Where the problem is caused by an incompatible combination of hardware and software designed to do two unconnected but useful things which creates weak links between them which can be compromised into doing things which they should not be able to.

Physical:
Where the potential problem is caused by giving unauthorised persons physical access to the machine, might allow user to perform things that they should not be able to.

Software:
Where the problem is caused by badly written items of "privileged" software which can be compromised into doing things which they should not be able to.

Security philosophy:
A systems security implementations (software, protected hardware, and compatible) can be rendered essentially worthless without appropriate administrative procedures for computer system use.

The following details the results of the threat analysis. If a computer system was setup to mimic the current running of the health practice the following considerations should be understood:

Assets To Be Protected:
That due to the nature of the institution, stable arrangements would need to be made to protect the:

Data: Programs and data held in primary (random access and read only memory) and secondary (magnetic) storage media.

Hardware: Microprocessors, communications links, routers, and primary / secondary storage media.

Security Threats:
The following details the relevant security threats to the institution and the more common causes of security compromise.

Disclosure:
Due to both the sensitive nature of the information to be stored and processed there are more stringent requirements of the new data protection legislation, all reasonable precautions must be taken to insure against this threat.

Attackers:
Although the vast majority of unauthorized access is committed by hackers to learn more about the way computer systems work, cracker activities could have serious consequences that may jeopardize an organisation due to the subsequent violation of the seventh data protection principle ie that personal data shall be surrounded by proper security.

The staff:
It is widely believed that unauthorized access comes from the outside, however, 80% of security compromises are committed by hackers and crackers internal to the organisation.

operators:
The people responsible for the installation and configuration of a system are of critical risk to security. Inasmuch as they may:

[1] Have unlimited access to the system thus the data.

[2] Be able to bypass the system protection mechanisms.

[3] Commit their passwords for your system to a book, or loose notes.

[4] A tendency to use common passwords on all systems they create, so that a breach on one system may extend to others.

The data subject:
The data subject invoking the right to access personal data creates a breach in security by definition. To comply with such a request the data must be ‘unlocked’ to provide access to it, thus creating additional risks to security. Inasmuch as:

[1] If copies have to be made, this will normally be by clerical staff who would not normally have such rights themselves.

[2] The copies may go astray whilst being made available.

[3] Verification of the identity of the data subject becomes very important.

Software:
Many business have database applications that are typically designed to allow one to two staff to handle a greater work load. Therefore such software does not allow validation (confirming that data entries are sensible) of the details the staff enter.

This is a critical security risk as it allows basic acts of fraud to be committed, such as, bogus data entry (entering additional unauthorised information).

Importance Of Good Security:
Data is valuable in terms of time and money spent on gathering and processing it. Poor or inadequate system protection mechanisms canlead to malicious computer system attacks (illegal penetration and use of computer equipment).

One or more devious, vandalising, crackers may damage a computer system and / or data, such damage could have serious consequences other than those of the subsequent violation of the seventh data protection principle that may jeopardize the organisation. For example:

Loss of information: Which can cost money to recreate.

False information: With possible legal action taken.

Bad management: Due to incorrect information.

Principles Of Computer Security:
The publication and exploration of inefficiencies and bugs in security programs that exit in all complex computer programs (including operating systems), methods of entry and ease of access to such technical information has meant that a system is only as secure as the people who have access to it and that good system security cannot be guaranteed by the application of a device or operating system.

Computerisation:
Media reports that draw public attention to the security threats inherent in the nature of programable technology and the safety of individuals information has given rise to situations where institutions entrusted with sensitive information need to spend as much time and energy to gain public trust in such systems as they do in providing serveries.

Although this scenario does not yet apply to the health industry inasmuch as the public are not yet the end users of the system, such social impressions must be considered:

This leads us to the question: if life with computers is so wonderous, how do you leave it? Simply flip a switch and everything will shut down and you can explore the marvels of the oustide world. Computers are only tools and, just like an electric screwdriver, computers can save time and effort without taking anything away from you. All you have to decide is when you want to use a computer and when you don't, you're still in complete control of your life.

Principles Of Inference:
One of the new concepts introduced by the data protection legislation is ‘inference’, and data is now regarded as itself sensitive if sensitive data can be inferred from it. For example, if an estate agent displays complete details about one terraced house, you can infer what the neighbouring house is like. In a medical practice, full patient details about three members of a family could probably allow you to construct the details of a fourth.

This must be linked to the proposition that, in the last 10 years or so more information has been stored about individuals than in all of previous history, and, because of computerisation, all of that information is capable of being pulled together from the different organisations (banks, stores, state, etc) which hold it.

Right To Privacy:
It can be seen that the statement ‘The processing of personal computerised data represents a threat to the individual’s right to privacy’ is well founded. Unfortunately, until now, there has been no statutory right in English law to personal privacy.

For this reason, a right to privacy of that information has been set into the data protection legislation, and, it is only such legislation that prevents complete dossiers from being compiled on any given individual.

Health professionals are exempted from the need for prior approval before processing personal information, for example, as it is clear the health of the individual overrides the individual’s right to privacy, and the consent can be taken for granted.

This does not prevent health professionals from having the full burden of protecting that information from unauthorised access, specifically due to the higher obligations placed on them by the Hippocratic oath which states that a member of the medical profession should respect the secrets which are confided them, even after the patient has died.

However, as can be seen from the exemptions and exceptions, a difficult balance has to be achieved between the right to privacy, and the needs of the individual (and/or the organisation).

In the case of the any entity or practice, the data subject’s rights to the protection of the data that relates to them creates a conflict of interests between them and the practice inasmuch the complex security system needed for this requires extra administration and the navigation of a complex system every time data is need may place extra stress on the staff, both things the management may wish to avoid.

© I am the website administrator of the Wandle industrial museum (http://www.wandle.org). Established in 1983 by local people to ensure that the history of the valley was no longer neglected but enhanced awareness its heritage for the use and benefits of the community.