Security breaches threaten NZ e-government

The security breach at New Zealand's Ministry of Social Development last week was nothing short of an embarrassment.
Written by Darren Greenwood, Contributor

The security breach at New Zealand's Ministry of Social Development last week, first reported by a blogger who was tipped off by a political activist, added to the earlier humiliations over data breaches at the government's accident insurance department.

Naturally, investigations have been ordered into how it occurred, in an attempt to prevent such a thing from happening again.

Certainly, when the New Zealand government is pushing e-government in a big way, it is paramount that the public, who will be expected to use and perhaps be pushed into using these new e-services, have confidence in them. Otherwise, New Zealand will not see the promised benefits.

This kind of thing must be above party politics. Opposition politicians may tweet and try to score political capital over this latest breach, but the New Zealand Labour Party cannot be trusted on data security either, as another blogger revealed recently.

Inquiries may lead down corridors that favour neither the political left nor the right.

Will the government ever be capable of dealing with security, or must technology be taken out of the hands of Wellington and passed on to the experts?

Perhaps the government has failed to pay its IT staff enough, so that it doesn't get the professionals with sufficient skills to do their jobs properly. Is it trying to do things on the cheap?

Certainly, no stone should be left unturned with these inquiries.

When hundreds of millions, if not billions, of dollars are to be invested in e-government, then the costs of outsourcing or paying staff more is, relatively speaking, chicken feed.

The latest breach has also called into question the role of ethical hackers, and paying bounties to those who spot security holes.

With the failure of earlier security audits to spot problems with the Ministry of Social Development, it seems that white hat hackers and the payment of bounties to ethical players would be a responsible development. It appears to be standard practice for other organisations, too.

Government, the opposition, and unions must enter the investigations with open minds. The terms of reference for the inquiries must be broad, so that anything and everything is considered.

The future of e-government in New Zealand is at stake, and without it, the country cannot move into a more efficient online age.

Editorial standards