FutureFive New Zealand - Consumer technology news & reviews from the future
Story image
Deloittes damage control over Govt computer security
Wed, 17th Oct 2012
FYI, this story is more than a year old

The Ministry of Social Development has appointed Deloittes to review its computer network security to assess the damage caused by a privacy breach at Work and Income.

Following a warning 18 months ago about a breach in the security of its computer kiosks, the government's IT head has been tasked with limiting any privacy losses.

“The review will happen in two phases. The first will deal with the immediate issue regarding the security of our public kiosks," says Brendan Boyle, the Ministry’s CEO.

"Deloittes will look at what happened, how secure information was able to be accessed, and will determine why it happened and what steps we need to take to ensure it can’t happen again."

“The second phase will involve a broader look at security across all the Ministry’s IT systems, including policies, governance and culture.

"This second phase will take longer and more work needs to be done on the scope of this part of the review.

“We received a report from Dimension Data in April 2011, which identified flaws in our system. We will be asking Deloittes to determine what we did to follow up this report’s recommendations and whether our response was adequate.

"Since yesterday afternoon I have received further information that means I am not confident that we took the right actions in response to Dimension Data’s recommendations on security. I will look to the review to provide me with the answers.

“I can confirm that KPMG was not engaged to penetration test our public kiosks. They have, however, been engaged in doing testing on other parts of our system.

“Our immediate aim is to resolve any security problems and restore public confidence in our systems."