Another Data Loss

It seems that folks can’t seem to keep track of their stuff anymore and with the easy access to data, it makes is even easier to lose the confidential stuff.  Ottawa’s Montfort Hospital is the latest place to have confidential patient data go missing.  Data breaches are becoming common, with Human Resources and Skills Development Canada losing data on nearly 600,000 student loans earlier this week.

The gut reaction of everyone is that someone, somewhere will find it, put two and two together, steal your identity, clean out your savings account, buy a big-screen TV and then sit on their ass, sending spam email under your name for the rest of time as we know it.  With confidential data, the effects are even more chilling.  Conceivably, the Montfort data loss could allow someone to publish the names and treatments of everyone on that drive.  Would you be embarrassed if it became common knowledge that you were treated for recurring UTI’s and IBS? 

The reason confidential data is lost is dirt-simple:  USB drives or keys that hold a lot of data are as common as lint in just about every office we’ve ever been in. Putting confidential data on a USB drive is about as easy as leaning back in your office chair.  Walking out the door with the data is no harder than taking your car keys out of your coat pocket.  This doesn’t mean that people are deliberately stealing data to resell to Kazakhstani identity thieves, it just means they’re being careless, forgetful or dumb, like most humans.  Which is probably what happened to the Montfort Hospital data.  The drive was lost in a snow bank somewhere when it fell out of a pocket. 

The fix is almost too simple, which is why it hasn’t been done and why there are still serious data loss incidents.  Since I’m a Microsoft guy, forgive me, but we’ll focus on that pathway, as it is is the one we know best.  There are alternatives for other platforms that do the same thing more or less.

It’s called BitLocker to Go and in Windows 7, it can be applied to any USB storage device that can be plugged into a computer.  What it does is apply military-grade encryption to the data, so if you lose that drive, as long as you don’t have the password written on the back of it in Sharpie marker, the data is unreadable.  Yes, all encryption can eventually be broken; nothing is forever, but BitLocker makes it mathematically unlikely that it can be broken in a reasonable amount of time. 

Now, put a big, bold-face asterisk next to that statement.  Most of it depends on the strength of your password.  Having ‘password’ as your password, is about as dumb as it gets.  A complex password, using lower case, upper case, numbers and special characters, as well as spaces, can make things even tougher.  Tougher as in 4032 years, tougher,  By the year 6045, we don’t care if you find out what my identify was, or if I was ever treated for athlete’s foot.

So how do you come up with a ‘strong’ password to protect your stuff?  This site, from Symantec, is a secure password generator.  For giggles, I generated one and this is it:  sU!Ru@ac.  It’s tough enough and almost impossible to guess, as it isn’t my favourite colour, my Mother’s maiden name, or some mishmash of birthdays, anniversaries and collar measurement.  Is it easy to remember?  Hell no.

Thereby hangs the problem: Humans are lazy.  I can’t tell you the number of times I’ve found passwords under keyboards, or written on a pad of paper in an office.  Most of us in IT have stories that will turn your hair white of critical passwords readily found in the clear. 

There needs to be some process in place, with consequences for those who slide on the process.  Users will copy files they ‘need’ to a USB key or drive and just as likely lose them.  The only way to stop them is to break their hands, which tends to have Workplace Compensation Board implications in most offices.  You tend to not get the best candidates for open positions, if part of the interview is the question “Do you mind having both your hands crippled by our Security Department as a condition of employment?”  

BitLocker and BitLocker to Go can be enforced easily with Group Policy Objects.  You can make it impossible for users to plug in their own USB drives or keys.  One organization provides a specific brand and model of USB keys to their staff, with BitLocker to Go already on it, and makes it impossible for any other kind, brand or model of USB device to be usable, except the company-provided one.  This fixes the human problem, at least a bit, by forcing those who insist on copying material off the network onto a USB key, to only use an ‘approved’ key already configured with encryption.  

One other organization I’m aware of goes one step further:  Before a computer gets to a user, the USB ports are filled with epoxy.  You can’t physically plug in a USB drive.  It voids the computer warranty, of course, but they’re willing to go that far.  Desktop chassis’ are locked with a tamper-evident seal and woe betide the user who breaks that seal, even accidentally.  They get an E-Ticket to the Seventh Circle of Draconian Security Hell that starts with the words “Charged with Corporate Espionage” and gets uglier from there.      

To circle back.  Data loss can be prevented easily enough by addressing the technology and the humans.  Make sure there are penalties for moving any confidential data to a USB drive for whatever reason.  Make it as hard as possible to actually get the data off the network.  Make anything that could be a destination as secure as you can with strong passwords and military-grade encryption then make sure everyone understands why as well as the consequences.  

We’re certain hospitals would much rather have a press conference and say “We lost 25,000 patient records, but the file is protected with military-grade encryption.  It sucks, but we’re confident the information is as secure as we can make it.  And the person who lost it, has had their legs broken by the IT department’s Managing Director.”

Fix the technology and fix the human factors.

Karma Time

There are so many different ways to describe karma that we could easily spend the next thousand words plucking it into submission and still wind up with nothing more than used WordPress server space and another post.  We’ll keep it simple this time.

I managed to misplace my electronic pass and transit pass somewhere yesterday.  It seems small enough a hazard of modern life to be unremarkable, but it can be annoying to get another work pass, another photo, then off to the bus company, another photo another pass, standing in lines, explaining to the drones why you need a replacement and, naturally, the paperwork involved.

Of course I looked all over the house, cars and yard for it in a frantic flurry early this morning, but to no avail.  At work today I wore the Badge of Shame, the dreaded T pass, Turkey pass or ‘Tard pass, depending on your preference and tolerance for political incorrectness.  Coming home, I had mentally planned to all but disassemble my car, assuming it had slipped off my belt and fallen in the millimetre slot between seat and console.  Upon arriving home I happened to look up at the windshield of my car, passenger side and there was my pass, placed there by a kind soul who had found it, probably at the end of the driveway and knew that it was important.

There was no note, or explanation scribbled with it:  Just the small rectangular holder, belt clip and passes, under the windshield wiper waiting for me to be in the right frame of mind, at the right place in the right time to see it.  After a small, but grateful thank you to the Karmic deities, I have it back. 

Thank you, kind stranger.  May you get your reward of positive karma when you need it, to brighten your day, as you have illuminated mine.

Mason Baveux and the NHL Strike

You know he wanted to.

Thanks for the bloggery chance again lad to finish off the commentatin on the NHL strike.  The Owners voted to settle up and the Players voted to settle up this week too, so’s they goin to Trainin Camp startin tomorrow, games firin up on Jan 19th with a 48 game season, then playoffs until the friggin end of June if they go seven for the Cup.

I’m a two minds here.  The owners are a bunch of greedy snots.  The players aren’t much better, except they can always argue that their career could end every time they lace up and hit the ice, leavin the paydays behind right snappy.  I suppose you could say I’m semi-sidin with the players, more onside than offside, but I’m callin offside on the owners. 

The owners know they ain’t nobody going to pay $200 a seat to watch them examine a balance sheet or shake hands with a City Counsellor in their private box with the deluxe catering and rivers of booze.

Which brings me back to the whole economicals of hockey.  If you’re a hockey fan and want to go see the Leafs (and whatever they prop up behind the bench as coach now that Burke’s been sent down) there’s a bit of an investment you’ve got to make.

First off, the Leafs suck this year.  Odds are the new coach is as likely to be a terrarium on wheels that they’ll roll behind the bench, wheelin it back and forth each period.  Inside’ll be a turtle or a spotted lizard who’ll do as good a job as anything coachin this collection of players they got.  If the lizard sticks out his tongue, change lines.  If he sits under the heatlamp in the third period, pull the goalie.  Coachin done.  Feed him some raw meat, or likely just a leftover hot dog from a private box.

What I mean of investment, is more in the financial side.  Gettin to the game is $50 for parking.  Seats are $100 at least so you can see the ice in the near distance.  Beer is $14, program is $10 and they’ve got a special on hot dogs.  Their $2 hot dog is now $12.  Or to add up the numbers, if you were inclined to take a family of four to a game, you’re in the ditch about $600 before the players hit the ice and you mumble the words to O Canada. 

For your 6 large you get packed into a sweatbox, surrounded by yahoos, drunkards and truckers with Tourette’s who insist that standing up in front of your kids and swearing is “good for team spirit” up until they puke on the youngest, or pass out face first into a urinal between periods in a Men’s room that smells worse than a latrine trench at the dialysis sleep over camp for the Incontinent. 

Then when she’s all over and the Leafs have lost again, you got a 2 hour wait to get out of the parking and start home in a car that smells like piss, beer, sweat and puke.  And you family.

Frankly, you’re better off to stay home and watch the game on TV, investin the $600 in upfront payments to some Nigerian minister who’s get $10 million of ill-gotten gains he wants to launder through your chequing account. 

I spose this is my way of sayin’ eff this season, I’m not goin to any games.  The NHL can go to hell, get cancer of the eyes, fall down a flight of stairs, break a hip and die in a fire for the 2013 season.  I’m not givin Bettman my money. 

You can call me back in September and maybe I’ll think about it, but right now, to hell with em.  I’ll watch indoor soccer, or stare at the aquarium channel for four hours on game night.

Snow

As a Canadian living in the snowy part of the country, we have snow:  Lots of snow.  Unlike the urban folklore, we do not have 200 words to describe snow.  Nor do the Inuit, (whom some of you refer to as “Eskimos”) in their extensive oral tradition.  We limit ourselves to only a few terms and a bit over a thousand words to explain it all. 

Fluffy Snow: This is the kind that gives downhill ski folk a case of the hot n’ bothereds. Cross-country skiers like it too. Shovelling it is like trying to push a pallet-load of loose cotton balls with a tractor: It goes everywhere and always falls back into the place you’re trying to push it out of, like the driveway.

Wet Snow: Heavy, wet and sticky, a simple shovel-full weighs 80 pounds and if you don’t move it now, it will solidify into a mass that will not be moved until April. We also know it as Heart-Attack Snow, which our hospitals and ER’s dread. Every day a few dozen are rolled in, clutching their chests, hooked up to an AED by the paramedics.  This is because sedentary men try to shovel it out and their primary occupation is listed as “Analyst” or “Bureaucratic Drone”, not “Stoker”,  “Navvy” or “Farm Hand”. 

Snowman Snow:  Kids love it as it is moist and sticky and rolls up perfect, dense globes of snow perfect for the application of a carrot nose, small rocks for eyes and no hat.  Usually happens early in the season when the air is warmer.  It is also the ideal snow for snowballs, which have been banned by Health and Safety for fear someone could have their feelings hurt or their self-esteem bruised.  Snowman Snow always results in a pile of wringing-wet woollen mittens, scarves and toques over the hot air vent in the kitchen.  

Squeaky Snow:  After a few days that fluffy powder coalesces into a solid that squeaks like Styrofoam underfoot.  It also means the outside temperature is –10 C or lower.  The only way to move it is with heavy equipment, air compressor powered chisels, or shaped charges.

Slop/Slush:  In my corner of Ontario, we salt our roads and streets, which turns the snow and ice into slop about the consistency of loose oatmeal or cornbread batter that can’t freeze because the salinity is twice that of the Dead Sea.  Eventually slush will freeze, but not until –40 C or so.  At that temperature it freezes into sharp ridges and boot prints.  If you slip and fall down on the sidewalk, the likelihood of puncturing a lung is high.  Jumping onto a pile of bricks headfirst hurts less.

Snow bank Snow:  In order to exist, we have to put the snow somewhere out of the parking spaces, driveways, roads and sidewalks, so we can move about in our daily activities.  Snow banks are a compressed amalgamation of snow, slush, salt, road grime and the occasional mitten or hat, comingled with the usual crud that lives on the sidewalk.  Think basalt, or exotic kitchen counter stone that has a little bit of everything in it including fossils, unaddressed third-class mail, lightly chopped advertising flyer mulch and that door to door guy who tried to sell you a hot water heater in December. 

Drift Snow:  You can slice this stuff into blocks and build a house with it.  If you drive into this stuff on the highway, expect the air bags to go off.  It is also the best snow anywhere for making snow forts with and for children.  Grownups use it to fill the ice bucket to chill down the champagne, stepping out the back door for a few seconds to grab a pail full from the deck.  In a glass with a little grenadine or crème de menthe poured over it, you have a grownup sno-cone, assuming the snow is clean.  You could use that ancient bottle of Galliano (left over from your notorious Harvey Wallbanger party in June 1983) hiding in the back of the kitchen cupboard to make your own ‘Yellow Snow”    

Yellow Snow:  Just like the little bag of silica crystals in the packaging for the blender says, “Do Not Eat”  Especially if it is found in the middle of the park.

Freezing Rain:  Glaze the neighbourhood in a centimeter-thick layer of ice, everywhere, then drop the temperature to –40 C.  In Ottawa this is called “February” and is usually followed by a blizzard of fluffy snow that sits on the ice as a disguise.  Imagine walking on ball-bearings on a Teflon pan that has been oiled with 5W-50.  You will fall down and with any luck, not face plant into a tree or a brick building.  Invariably two days later, the temperature goes above freezing and all the sheets of ice fall off the buildings downtown, usually decapitating some poor unfortunate who gets whisked up by a sidewalk plow.  We find them around the last week of March.

Corn Snow:  Often produced by snow guns on ski hills, it is the skin equivalent of 20-grit sandpaper when you slide on it.  Who needs dermabrasion treatments to look younger?  Go tobogganing on corn snow for an afternoon.

Effing Snow:  What we get in the first two weeks of March.  Every day for two weeks, just enough to call out the plows and salt trucks to tangle the streets into a morass of front-end loaders, slush and swearing because we’ve had enough of winter.  It is also the time of year when you see able-bodied people standing on eight-foot high snow banks trying to find somewhere within shovel-range to throw snow from the driveway.

Gottdamn Plow Snow:  After you have spent two hours shovelling out the drift from the driveway, unearthed the car and found the approximate location of the front walkway, the City plow or grader comes by.  It is piloted by a grinning sadist wearing an aloha shirt over flannels, ski-doo boots and quilted snow pants, with a battered Leafs toque and a pair of silvered sunglasses that cost more than your car payment.  He proceeds to fill the end of your driveway waist-deep with everything that has landed in the 613 area code for you to dig out by hand, including an ice floe that is cousin to the one that did in the Titanic.

There, a thousand words on snow.