TDs will be offered data encryption
As part of the encryption blitz set to take place over the coming months, all Oireachtas staff will automatically have protective software installed on their office PCs and laptops.
However, elected members cannot be compelled to take up the offer and will have to hand over their computers voluntarily to allow IT experts to complete the work.
“The obligation lies with the data controller,” explained Oireachtas head of IT, Charles Hearne. “So while we are responsible for data issued to staff, if a TD has a letter from a constituent on their laptop, they are responsible for that.
“It’s not mandatory for the members but we are fairly confident that most of them will want it. I think everyone now knows the importance of protecting data.”
The moves comes as Bank of Ireland continues to face criticism following the theft of four staff laptops containing personal details of 31,000 customers, none of which was encrypted.
In February the Irish Blood Transfusion Service revealed the theft of an employee’s laptop that contained the details of 171,000 donors. Although that information was encrypted, questions were asked why so much personal data was held on a single device that was a ready target for thieves.
The biggest security scare of all, however, happened in Britain last November when unencrypted computer discs containing details of half the population were lost by Revenue and Customs.
It also emerged earlier this year that 80 laptops had been stolen from individual British government departments and staff over the past five years, although officials said no sensitive information had been compromised.
Mr Hearne said the Oireachtas had looked at encryption proposals prior to these incidents but that a decision was made to proceed after recent scares. “We don’t want to be the body that has data stolen or falling into the wrong hands. It’s trying to be proactive rather than reactive.”
Software suppliers have been invited to tender for the contract to provide encryption technology within the next three weeks. The contract is expected to be awarded shortly to allow work begin in the summer.
The tender specifies that the encryption solution must support up to 600 devices used by the elected members, parliamentary staff and Oireachtas office staff. The figure is to cover future purchases of laptops and PCs as well as the encryption of existing hardware.
The cost of the exercise has not been disclosed but Mr Hearne said it would be more time-consuming than financially draining because of the number and variety of people and devices involved. “Data encryption is relatively simple, very effective and relatively cheap, particularly when you consider the risks associated with not doing it.”
CONNECT WITH US TODAY
Be the first to know the latest news and updates
