Monthly archives for March, 2018

Government’s dumb data disasters demonstrate decaying diligence

The Australian government’s habit of losing filing cabinets full of confidential documents is merely a symptom of much deeper problems, in both policy development and implementation.

As Oscar Wilde might have put it: “To lose one filing cabinet full of government documents may be regarded as a misfortune; to lose two looks like carelessness.”

Carelessness is something the Australian government seems to be quite good at these days.

News broke on Sunday that in 2013, confidential personnel files from the then Department of Families, Housing, Community Services and Indigenous Affairs (FaHCSIA), now part of the Department of Social Services, had gone walkies for several days.

Just like the secret cabinet files incident reported in January, these documents were discovered in a locked filing cabinet bought from a second-hand furniture store.

“The documents were personnel files which had all the personal details [of employees] like home addresses and phone numbers, as well as previous positions held, CVs, and security clearances,” the buyer told The Sunday Canberra Times.

“It was a two-drawer filing cabinet, and the bottom drawer was completely full,” he said.

The two incidents aren’t quite the same. Personnel files don’t have to be handled under the same security protocols as cabinet documents. But there’s plenty enough information in them to make identity theft or spearphishing a trivial pursuit.

Yes, this is carelessness.

Then there was the incident where a “classified notebook belonging to a top Defence official” was discovered, along with his ID … guess where?

“Initial inquiries indicate the items were inadvertently left in a piece of personal furniture recently disposed of by the Defence official,” The Canberra Times reported.

Three incidents involving lost documents in second-hand furniture doesn’t constitute a wave of incompetence, of course, no more than two or three robberies random clustered together constitute a crime wave. But these physical data leaks are being unearthed at a time when confidence in the government’s ability to manage data needs to be questioned, and questioned hard.

Do we need to repeat the now-familiar litany? The government’s recklessness with medical data. The omnishambles of the 2016 Census. The collapse of the Australian Taxation Office (ATO) storage system. The unthinking viciousness of Centrelink’s robodebt debacle.

Things are no better at the state level — the corruption of Victoria’s Ultranet project and NSW agencies struggling with the security basics, to name but two examples.

Do you detect a pattern? I do. So do former senior public servants, but in another way.

Last month, The Mandarin, a news site that covers leadership in the public sector, concluded that there’s an urgent need to recover the capacity for deep policy analysis in the Australian Public Service (APS).

Terry Moran, a former secretary of the Department of the Prime Minister and Cabinet (PM&C), was scathing.

“The APS is failing in areas of social policy because it has been stripped of specialist capability and service delivery experience. If it were a patient it would be in palliative care,” Moran said.

“Successive governments haven’t nurtured the APS: they’ve gutted it.”

David Borthwick, former secretary of the Department of Environment, Water, Heritage and the Arts, was concerned that a lack of resources meant that departments were flat out delivering their programs, with little time for anything else.

“The quality of the Australian Public Service is the foundation of good government. It must have the capacity — the skilled workforce and the resources — to undertake the strategic thinking which underpins longer-term reforms,” Borthwick said.

Highly-respected journalist Laura Tingle reported similar concerns in her Quarterly Essay from 2015, Political Amnesia: how we forgot how to govern.

“The blurring of boundaries between the public servant and the political adviser, and the relentless focus on message over substance, results in a diminution of the ‘space’ in which the independent adviser can operate,” Martin Parkinson, currently secretary of the Department of Prime Minister and Cabinet, said at the time.

“Today, in some institutions, smart people look around at their colleagues and find there is no one to talk to, to learn from, who has experience in delivering real reform.”

Ken Henry, a former secretary of the Commonwealth Treasury, said much the same thing in Tingle’s essay.

“I think many departments have lost the capacity to develop policy; but not just that, they have lost their memory. I seriously doubt there is any serious policy development going on in most government departments,” Henry said.

All this is about developing policy rather than implementing programs, of course. But aren’t they the exact two things that the government is actually for?

If Australia were struggling to do either one of them, then we’d be deep in the brown stuff. But we’re struggling with both.

The most worrying comment for me came from Peter Varghese, a former secretary of the Department of Foreign Affairs and Trade (DFAT).

“Deep policy thinking is an area where our system, at both the political and the public service levels, has struggled over the last decade,” The Mandarin quoted Varghese as saying.

“Recovering the capacity for deep policy analysis is urgent because we are at an inflection point in our history. It is not dissimilar to the period after the second world war when the nation had to set out in a new direction and when the political and public service leaderships worked so well together to chart that direction. Or the period from the early eighties when we set out to internationalise the Australian economy; or the nineties when tax and industrial relations policies had to be redefined.”

Yes, the Australian government is struggling, both with policy development and with the implementation of data-enabled programs, at the exact moment in history when such things are needed.

The government is even having to hire consultants to teach it how to do basic government stuff like organisational development.

Parliament is currently running an inquiry into how the government uses contractors, with wide-ranging terms of reference. Stay tuned, but remember that this inquiry will only scratch the surface.


Pennsylvania attorney general sues Uber over delayed data breach notification

The state could seek as much as $13.5 million in penalties from the ride-hailing firm for its response to the 2016 breach.

Pennsylvania Attorney General Josh Shapiro is suing Uber for taking more than a year to notify thousands of drivers in the
Keystone State that their information was stolen in 2016.

In December, it came to light that hackers in 2016 stole data pertaining to 57 million Uber riders worldwide, as well data on more
than 7 million drivers. Uber concealed the breach for more than a year.

That data breach impacted at least 13,500 Pennsylvania Uber drivers, according to Shapiro’s office. Under the Pennsylvania Breach
of Personal Information Notification Act, Uber should have notified those drivers of the breach within a “reasonable” time frame.

“Uber violated Pennsylvania law by failing to put our residents on timely notice of this massive data breach,” Shapiro said in a
statement. He noted that instead of notifying impacted riders and drivers of the incident, Uber reportedly paid a hacker to keep
it under wraps.

Shapiro called this “outrageous corporate misconduct.”

Under Pennsylvania’s data breach law, the attorney general can sue Uber for up to $1,000 for each violation. With at least 13,500
Pennsylvanians, impacted, it could seek up to $13.5 million from the ride-hailing firm.

Shapiro is one of 43 state attorneys general investigating the data breach, his office said.

The data breach came to light just a few months after Dara Khosrowshahi stepped up as the new CEO of the embattled business. In a
statement to CNET, an Uber spokesperson said the company’s new leadership “has taken a series of steps to be accountable and
respond responsibly” to the breach. “While we dispute the accuracy of some of the characterizations in the Pennsylvania Attorney
General’s lawsuit, we will continue to cooperate with them and ask only that we be treated fairly.”


Overcoming the challenges: Back-up and storage for banks

Now is a good time for banks to think audit their back-up and storage to achieve both cost-savings and regulatory compliance.

A gambling and gaming company has achieved 75% in cost-savings with Amazon Web Services (AWS). The return on investment (ROI) it
has achieved is incredible and, more importantly, it can be replicated by banks and other financial services organisations at a
time when the European Union’s General Data Protection Regulation (GDPR) are just around the corner – coming into force on May

So, now is a good time for banks to think audit their back-up and storage to achieve both cost-savings and regulatory compliance.

The other key challenges include:

data locality;
bandwidth and data change rate that needs replication to a remote site hosting the cloud;
The gambling and gaming company is keeping some of its data on-site and some of it resides in the cloud. To improve the speed at
which it can back up and restore its data, the firm has used a data acceleration to reduce the time it takes to back up its data.
The less time it takes to back up data, the more it can save financially – and that’s despite growing data volumes. The larger the
data volume, the more challenging companies, including banks, find it to move data to and from the cloud.

David Trossell, CEO and CTO of data acceleration company Bridgeworks, explains: “The rush to put everything in the cloud and run
the organisation from there has had an impact on internal service-level agreements (SLAs). An example is of the gaming company.
After migrating everything to the cloud, the response for the HQ staff accessing the database in the cloud became unacceptable:
this is purely down to the time it takes to get from the HQ to the cloud, a factor of the speed of light.

“This has been the experience of many cloud-only strategies where databases have been involved. This forced the pendulum back to
what is now a more acceptable model of a hybrid cloud strategy where the critical data still on-premise, but the non-critical data
along with Backup-as-a-Service (BaaS) and Disaster-Recovery-as-a-Service (DRaaS) residing in the cloud.”

So, unlike WAN optimisation, which can’t handle encrypted data, WAN and data acceleration optimise the velocity of data transfers.
Data acceleration also mitigates the impact of data and network latency, which can even have a negative impact on DRaaS. Beyond
data acceleration, the trouble is that there is no efficient traditional way of moving the data around, and the options are often
limited for customers.


System Requirements

Both OsMonitor Server and Client can work on Windows XP, Windows Server 2003/08/12/2016, Windows 7, Windows 8/8.1, Windows 10. Include 32 bit and 64 bit.

Customer Review

We are now using your monitoring software, OsMonitor. It is a great software, we are able to block non-business website, monitor activities of our users, website visited and even snap shots. Majority of our need is provided by your software.