Data like ditigal water… (2)

Well, the “Digital Water” post produced more emails and responses than anything I’ve written, so I thought I’d continue this line of thought a bit further.  I think the basic notion was pretty well summarized there, so for now I thought I would add just one more fissure in the foundation of the data-can-be-controlled construct.

All the machines, systems, standards and policies that surround IT equipment, use and access control and so on, may be optimally designed, perfectly executed and rigorously followed.  People, process and technology can all work in concert without flaw, failure or even human error.  Like a stone wall that “stops” the progress of a flow of water, it only stops it viewed through the temporal lens of our perceptions as short lived creatures.  Sooner or later, humble little H2O will eat its way, literally, through mountains of rock.   See?

Courtesy of the Cedar City Tourism Bureau Web site

Well all those policies, procedures and technology similarly have a temporal aspect that “runs out” in far less than the millennia it takes water to wear down stone.  That timeframe is roughly equivalent to, let’s say, the useful life of a device in an industry that intentionally obsoletes everything at breathtaking speed.

What do I mean?  Well, let’s take the humble photocopier – what does it do? As its name implies, it photographs documents, then stores the image on a hard drive, then prints that image on a new piece of paper.  Given the quality of the images needed to produce good copies, the full color we all want, the big stacks of documents in corporate offices, is it any wonder that the hard drives in these things are large, and may retain an awful lot of data in them?

The vendors have every incentive to sell or lease you their newest copier with even higher resolution and an even bigger hard drive, and will happily take the old one away and drop off the new one (think car salesmen – “drive it, tow it or drag it in, even if it doesn’t work. We’ll pay off your trade no matter how much you owe!)

What could possibly go wrong in this model?  Like the water taking its time to carve the grand canyon, when the temporal (and artificial) constraint of “while it’s here in our office” is removed and the perspective is broadened to the life of the device, the notion of keeping data secure on office IT systems becomes more than a bit suspect.

Here‘s a fun recent example from “News of the World” in the UK.  They undertook:

“buying a cheap second-hand copier from a dealer and [found] it crammed with records from a Government-linked defence firm.  Worse still, like thousands of other office copiers, it was destined for export abroad to FRAUD hotspots in West Africa.”

Read the full story.  Depending on your view, it’s either depressing, or a testament to the inexorable will and solvent power of (Digital) water….

Disclaimer: The views expressed on this blog are mine alone, and do not represent the views, policies or positions of Cyveillance, Inc. or its parent, QinetiQ-North America.  I speak here only for myself and no postings made on this blog should be interpreted as communications by, for or on behalf of, Cyveillance (though I may occasionally plug the extremely cool work we do and the fascinating, if occasionally frightening, research we openly publish.)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: