I've just been forwarded a copy of a rather interesting email that appears to have been sent by a Security Advisor at the Department of Work Pension to staff reminding them of the security polcies around the transfer of public data of a sensitive nature. It appears, as the email states, that some people at DWP are complete morons (emphasis mine).
Following the HMRC incident last November, increased security measures have been put in place for dealing with data transfers both clerically and electronically.Idiots, morons, fools, etc etc. Don;t worry about ID cards though. It will be impossible to hack!
All staff should be aware of Security Notices 02/07 and 03/07 that were issued by the Departmental Security Team in December. This guidance covers data transfers and use of courier services. Information in these notices should be adhered to, in order for us to protect our customer information and the integrity of the Departments’ Security practices.
I have been advised of instances where password protected data has been sent out with the password being sent separately as detailed in Security Notice 02/07. However, once the data and the separate password are received, staff are then forwarding the data and password on together, this defeats the purpose of the security measure entirely.
Could I ask you to remind staff of the heightened security surrounding data transfer and ensure that data and passwords are sent separately.