National Audit Office suggests improving the security of government databases

Toomas Mattson | 1/26/2009 | 12:00 AM

Text size: [-A] [+A]

Language: EST | RUS | ENG

Print

TALLINN, 26 January 2009 - The National Audit Office (NAO) has performed an audit of the procedures for ensuring the security of government databases and supervisory control over officials using the data. According to the NAO, the internal security systems of the inspected databases need further improvements so that the data of people contained in the national public records would be properly protected against misuse.

In many cases, however, the deadlines for ensuring and assessing the security of information systems have not been met; it is difficult or impossible to supervise the handling of data. As long as employees can log into a database by using common usernames and passwords, it is not possible to verify who exactly entered, altered, transmitted, consulted or deleted the data, however, this is essential for determining responsibility. Database reliability and a clear assignment of responsibility for the users should help prevent misuse. Database administrators have already set to tackle the problems highlighted by the NAO.

Database administrators must make sure that people’s records are protected against misuse. The information system of a database must be reliable and secure. It must be possible to track all access to or processing of data, including consulting, altering, destroying, transmitting etc, so that later on it could be identified who, when, how or why processed what kind of data.

The NAO has assessed the functioning of the internal security system which must safeguard the accuracy and storage of data and prevent their leakage.

A major breakdown of information systems or leakage of sensitive data may erode public confidence overnight, which in turn may lead to backlashes in the development of the e-state as other countries have already experienced.

Toomas Mattson
Communication Manager of National Audit Office
Telephone: 6400 777
Mob: 51 34900
E-mail: toomas.mattson@riigikontroll.ee

  • Posted: 1/26/2009 12:00 AM
  • Last Update: 8/28/2015 10:28 PM
  • Last Review: 8/28/2015 10:28 PM

More News