Saturday, July 21, 2018

Computer security

I am not bothered about the personal data that is stolen from the SingHealth database.

My data is probably among the 1.5 million records that were stolen. So what?

If anyone wants to know my NRIC, address, date of birth, gender or race, they can find it from other sources. They are not confidential information.

I do not bother if they get access to my prescriptions. What for?

Somebody said that the data can be sold to pharma companies for commercial purpose. Really? Would a pharma company take the risk of committing a crime by buying stolen data?

I am asked to provide them in many forms that are asked by government agencies and commercial organizations. I get angry because the information is not necessary for the transaction.

I have to give my NRIC when I visit a commercial building. I find it to be unnecessary and an unnecessary imposition on my freedom of movement. But it is probably being asked due to some old regulation created by the government, and the minister did not bother to review it.

I agree that there should be some degree of protection against hacking of database. But we do not need to get overboard. I object to excessive security measures that cause inconvenient to the ordinary users, but are helpless against criminals.

Why do we spend a lot of money on measures that are not really necessary?

I am worried about access to my bank account, but this is protected by a 2FA token. I find it acceptable.

However, I do not find it acceptable for the bank to verify my identity if I am calling to ask about a product that they offer. But they do it routinely, by following some SOP blindly anyway.

When will we apply our common sense? It seemed to be lost in our decades of world class education system.

Tan Kin Lian

http://tklcloud.com/Feedback/feedback2.aspx?id=240

No comments:

Blog Archive