
One of the more interesting arguments currently rumbling around the office is the lack of backup for the HR person's laptop.
This contains a copy of the contract and other HR type info on every member of staff we've got working here. It's certainly confidential information, some of it contains NI and healthcare details, as well as bank account information and other personal records.

After a developer's laptop was stolen last month, I've had cause to look in more detail at the backup (or lack of) for the various services around the office.

Management think that Dropbox would be a good solution, as they claim to be secure, but I'm decidedly unsure where the law (and Data Protection Act) actually lie on this.

I was under the impression that you're not allowed to let the documents in question leave the site/country/EU. So Dropbox would be no good, as they're based in the USA, and probably Amazon S3 backed.

Quick info:

  • We're UK based, with operations in the EU (DK)
  • Management would like online access, granular as possible, one user creator, only they can access that document/folder, one globally shared folder, as well as group-based access lists.
  • I would like anything that's properly secure, tested, Hard Cryptography (AES)
  • Dial-in IPSEC VPN access would be nice, HTTPS would probably do too.
  • A solution that's not going to cause us to get sued by the Information Commissioner if things go balls up.

Anyone got any ideas? Done this before? Should I just build a server and store it somewhere in the office, or a dedicated server in a UK datacentre?

Tom O'Connor
    Encryption and backup are two different but related things. If you have someone wandering off site with sensitive information I'd first get that thing encrypted before it's stolen and make sure it is set to force a password when it wakes and goes to screen saver. – Bart Silverstrim Dec 20 '10 at 12:54
  • @Bart That would really annoy the users.. I love it :) – Tom O'Connor Dec 20 '10 at 13:01

2 Answers

Turn the assumptions around for a moment - why does confidential data need to leave site at all? Why not just create a Terminal Server, connectable to the web via VPN, and have people connect to that to access confidential data and applications?

Rob Moir
  • For that to work, I'd have to have a server in the office.. I can't ever see $management thinking that's a good idea (despite our lovely rack). ADSL only into the office is a bit of a bummer. I like the idea, might give me some leverage to get the domain controllers sorted out too. – Tom O'Connor Dec 20 '10 at 12:30
  • Yeah, it's not a trivial undertaking but it does work very well, and it really does solve the data problem properly. We do it here and we've been very pleased with it. – Rob Moir Dec 20 '10 at 12:47
  • What about disasters like fires and floods? Isn't remote backup important? – nealmcb Jan 05 '11 at 03:49
  • @nealmcb yes clearly backup is important, my reply was in the context of secure access to data for remote working - and data can still be backed up locally onto encrypted tapes and then moved to an offsite store... – Rob Moir Jan 05 '11 at 06:40

First off, DropBox does not seem to be Safe Harbor-compliant, so storing anything covered by the DPA would be a breach of DPA responsibilities.

You're allowed to ship (some types of) documents (electronically) to the US, as long as the other end is Safe Harbor-compliant (and registered). I don't know if this covers healthcare details, but it's certainly enough for "name, address and phone number" (or, was, when I was looking into the relevant regulations back in 2006, as work was considering off-shoring backups to a US data centre).

I suspect that what you'd want to do is a combination of the following:

  • Backup software installed on all "work stations" (stationary computers as well as laptops).
  • Encrypted hard drive on all laptops (ideally also requiring a BIOS password on boot).
  • The backups should be on at least two separate blobs of storage, maybe one on a server in the office and another in a remote (UK) data centre.
  • The exact backup software doesn't matter too much, look for something that provides roughly the requirements you have and ask if you can have a demo license for a test run (single server, 2-3 test machines, intentionally wipe stuff and try to recover).
Vatine
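The "two separate blobs of storage" and "intentionally wipe stuff and try to recover" steps above, as an added example that is not from the answer: a Python script that archives a directory, copies the archive to two destinations (an office server and a UK data centre stand-in) and checks a restore from each against a SHA-256 manifest taken at backup time. Function names, directory names and the sample HR files are assumptions constructed for the demo; encrypting the archive itself is left to the disk or transport layer the answer mentions and is not shown.

```python
import hashlib, shutil, tarfile, tempfile
from pathlib import Path

def file_manifest(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def make_backup(source, destinations, name="backup.tar.gz"):
    """Archive source once, copy it to every destination, return the manifest."""
    manifest = file_manifest(source)
    with tempfile.TemporaryDirectory() as tmp:
        archive = Path(tmp) / name
        with tarfile.open(archive, "w:gz") as tar:
            for child in source.iterdir():
                tar.add(child, arcname=child.name)
        for dest in destinations:          # e.g. office server and remote UK DC
            dest.mkdir(parents=True, exist_ok=True)
            shutil.copy2(archive, dest / name)
    return manifest

def verify_restore(archive, expected):
    """The 'wipe and recover' test: extract to scratch space, compare hashes."""
    with tempfile.TemporaryDirectory() as tmp, tarfile.open(archive, "r:gz") as tar:
        try:
            tar.extractall(tmp, filter="data")  # rejects path-escaping members
        except TypeError:                       # older Python without filters
            tar.extractall(tmp)
        return file_manifest(Path(tmp)) == expected

def run_demo():
    """Constructed sample data (hypothetical HR laptop): back up to two places,
    restore from each, then show a changed source no longer matches."""
    base = Path(tempfile.mkdtemp())
    src = base / "hr-laptop"
    (src / "contracts").mkdir(parents=True)
    (src / "contracts" / "alice.txt").write_bytes(b"constructed contract text")
    (src / "payroll.csv").write_bytes(b"name,account\nalice,00000000\n")
    office, datacentre = base / "office-server", base / "uk-dc"
    manifest = make_backup(src, [office, datacentre])
    results = {"files": sorted(manifest),
               "office_ok": verify_restore(office / "backup.tar.gz", manifest),
               "dc_ok": verify_restore(datacentre / "backup.tar.gz", manifest)}
    (src / "payroll.csv").write_bytes(b"name,account\nalice,11111111\n")
    results["stale_after_change"] = file_manifest(src) != manifest
    shutil.rmtree(base)
    return results
```

Running `run_demo()` on a real machine would be replaced by a scheduled job pointed at the HR workstation's data directory, with the restore check run against each copy on a regular basis rather than only once.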