Sending data by post not such a bad thing

AusCERT's privacy blunder with its lost DVD doesn't necessarily mean sending data through the post is a bad thing; there are some advantages that shouldn't be overlooked.
Written by Michael Lee, Contributor

Commentary: The news that AusCERT lost a DVD full of subscriber information in the mail has left many shaking their heads, but the idea of sending sensitive information through the mail might not be such a dumb one after all.

We all questioned why it was necessary to put the information on DVD, but, thinking about it a little more, it makes perfect sense. The best way for something to get out of control is for it to appear in some form on the internet — so why take that risk at all?

Many of us would use an email to provide a co-worker with a password for a service that we don't care about that much, even though we'd know that this would leave a record of the password on the internet. But with regard to a service that we actually care about, we'd probably physically walk over and log in for our colleague, typing the password ourselves.

It's not best practice, or even great security — but it does demonstrate that we sometimes take great steps to remove passwords that matter from online communications, like emails.

With this in mind, I wouldn't be so fast to call AusCERT's choice of delivery "stupid". The organisation could certainly have implemented better security, such as encrypting the data, placing the DVD in a tamper-evident pouch and sending it via a private courier instructed to take a certain route, deliver by a certain time and be escorted by highly paid security guards. But we're not talking nuclear launch codes here.

In my conversations with Securus Global's practice manager Steve Darrall earlier this week, he said that it is important for the level of security to match the sensitivity of the data. So, what's the right level in this case? He said that he probably wouldn't have sent it through the mail, but, if he had to do it this way, he would have made sure that all of the information was encrypted and the package was tracked, either by using Australia Post's tracking system, if it met his requirements, or via a courier.

Pure Hacking CTO Ty Miller also emphasised that anything being sent through the mail should have strong encryption, recommending the use of large, asymmetric keys to solve the problem of having to communicate keys securely. He recommended PGP as one such program that could be used.

While AusCERT missed the mark by failing to encrypt the data, I think it's unfair to dismiss the advantage that keeping data offline can bring. Barring social engineering (which is an issue online or off), a trusted employee dropping off a sealed envelope on their lunch break gets the job done, and perhaps even gives the customer that old-fashioned personal touch that businesses sometimes forget in this fast-paced world.
