Stories
Slash Boxes
Comments

SoylentNews is people

Swedish Agency Moved Nation's Secret Data to “the Cloud”

posted by cmn32480 on Wednesday August 30 2017, @10:18AM   Printer-friendly
from the are-you-kidding-me? dept.

Rich26189 writes:

Sweden's Transport Agency moved all of its data to "the cloud", apparently unaware that there is no cloud, only somebody else's computer. In doing so, it exposed and leaked every conceivable top secret database: fighter pilots, SEAL team operators, police suspects, people under witness relocation. Names, photos, and home addresses: the list is just getting started. The responsible director has been found guilty in criminal court of the whole affair, and sentenced to the harshest sentence ever seen in Swedish government: she was docked half a month's paycheck.

Story here:
https://www.privateinternetaccess.com/blog/2017/07/swedish-transport-agency-worst-known-governmental-leak-ever-is-slowly-coming-to-light/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Swedish Agency Moved Nation's Secret Data to “the Cloud” | Log In/Create an Account | Top | 29 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Informative) by pTamok on Thursday August 31 2017, @07:00AM

    by pTamok (3042) on Thursday August 31 2017, @07:00AM (#561997)

    Well, actually, outsourcing contract renewal times are interesting.

    If you outsource to a small player, you do have more power, but the likelihood of them going bust or being taken over by a large player goes up. If they go bust, your IT services can be turned off unexpectedly, and permanently, which normally has bad repercussions for the organisation buying the outsourced IT services.
    If you outsource to a large player, (or to a small player taken over by a large player) who is less likely to go bust or be taken over, when contract renewal time comes, they are not dependant on your business: at which point, any sweetheart deals made to get you on board can be taken away. Your organisation's IT (and operations) are too entwined for easy withdrawal, so you end up having to accept different conditions. It's also well known how expensive modifications to outsourced contracts can suddenly become.

    Overall, if you need to keep control of your IT, outsourcing is a high-risk strategy. Having your own data centres and IT staff that you control does, funnily enough, give you more control than buying services from an outsourcing supplier*. It is, also, more expensive, so there is a risk calculation - do you accept the risk of outsourcing going horribly wrong, at the benefit of (usually) lower cost, making your organisation more competitive in the market - or do you maintain control. From an MBA's perspective, buying a service and thereby reducing direct headcount and the buying organisation's operational complexity looks like a 'slam-dunk' good thing.

    *In principle, you can generate any degree of control you require via the outsourcing contract. In practice, outsourcing contracts seem to be quite difficult to get right, and few organisations publicise the mistakes they make. They can even be under NDA.

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Total Score:   2