Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Wednesday August 30 2017, @10:18AM   Printer-friendly
from the are-you-kidding-me? dept.

Sweden's Transport Agency moved all of its data to "the cloud", apparently unaware that there is no cloud, only somebody else's computer. In doing so, it exposed and leaked every conceivable top secret database: fighter pilots, SEAL team operators, police suspects, people under witness relocation. Names, photos, and home addresses: the list is just getting started. The responsible director has been found guilty in criminal court of the whole affair, and sentenced to the harshest sentence ever seen in Swedish government: she was docked half a month's paycheck.

Story here:
https://www.privateinternetaccess.com/blog/2017/07/swedish-transport-agency-worst-known-governmental-leak-ever-is-slowly-coming-to-light/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by canopic jug on Thursday August 31 2017, @06:00AM (1 child)

    by canopic jug (3949) Subscriber Badge on Thursday August 31 2017, @06:00AM (#561986) Journal

    All that IT stuff is someone else's problem. All those annoying IT people wringing their hands about bugs and security are located somewhere else (away from me). We have a contract and I have someone outside the organization to blame. The cost is a fixed and predictable payment. I get to reduce headcount (and therefore show an improvement in efficiency). Win-win-win-win. It's all just wins!

    Even better, all those IT people contracted outside the organization are 100% dependent on that one single contract which I have sole control over. Keep me happy and back me up in all political in-fights and I will renew that contract every time. Again, win-win-win-win all around.

    --
    Money is not free speech. Elections should not be auctions.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2, Informative) by pTamok on Thursday August 31 2017, @07:00AM

    by pTamok (3042) on Thursday August 31 2017, @07:00AM (#561997)

    Well, actually, outsourcing contract renewal times are interesting.

    If you outsource to a small player, you do have more power, but the likelihood of them going bust or being taken over by a large player goes up. If they go bust, your IT services can be turned off unexpectedly, and permanently, which normally has bad repercussions for the organisation buying the outsourced IT services.
    If you outsource to a large player, (or to a small player taken over by a large player) who is less likely to go bust or be taken over, when contract renewal time comes, they are not dependant on your business: at which point, any sweetheart deals made to get you on board can be taken away. Your organisation's IT (and operations) are too entwined for easy withdrawal, so you end up having to accept different conditions. It's also well known how expensive modifications to outsourced contracts can suddenly become.

    Overall, if you need to keep control of your IT, outsourcing is a high-risk strategy. Having your own data centres and IT staff that you control does, funnily enough, give you more control than buying services from an outsourcing supplier*. It is, also, more expensive, so there is a risk calculation - do you accept the risk of outsourcing going horribly wrong, at the benefit of (usually) lower cost, making your organisation more competitive in the market - or do you maintain control. From an MBA's perspective, buying a service and thereby reducing direct headcount and the buying organisation's operational complexity looks like a 'slam-dunk' good thing.

    *In principle, you can generate any degree of control you require via the outsourcing contract. In practice, outsourcing contracts seem to be quite difficult to get right, and few organisations publicise the mistakes they make. They can even be under NDA.