Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Location: Jonquil City (aka Smyrna) Georgia- by Atlanta
16,259 posts, read 24,752,651 times
Reputation: 3587
Advertisements
Now it is peoples passport files. Before it was IRS employees "browsing" at people's personal information. My question is this: WHY in HELL are CONTRACT employees given access to our private information? This has to STOP!
First of all CONTRACT employees should NOT have access to any American's personal records. If the job requires such access it should be performed by a full time civil service employee. Civil service career workers are far less likely to break the law and snoop because that would be the end of a very good career in government service. Contractors are usally poorly paid temps who have no benefits and really don't care.
Secondly the LAW on this needs to be mandatory- if we catch you snooping, you WILL be fired and you WILL go to jail period! And regular audits should be performed on each employee with access. Nothing can be more "business like" than a superior calling in employees and saying "an audit shows you pulled this file up today and you were not assigned to this file". Why did you pull it up?
Many companies (and governments) hire contractors for specific, specialized jobs, such as database administration, PBX maintenance, etc. It's not cost effective to hire someone full time for these tasks, as there's not usually 40 hours worth of work to do in a week, plus the fact that these specialists often draw very high salaries ($100k+ is common).
I worked for a couple years as a contractor for one of the largest banks in California. During that time, I had administrative access across their entire network - it was required for me to perform the job they hired me to do. I could have stolen a lot of personal banking information if I wanted to... Data that I would think is much more sensitive than where someone's been or what their passport photo looks like.
This scenario is not uncommon in any environment with a lot of technology. The risk is there, to be sure, and it's unnerving. The reality is, though, that it's a necessary evil in the high-tech world we live in. In this case, there was an incident with political ramifications. That's the only reason that it's newsworthy.
Now it is peoples passport files. Before it was IRS employees "browsing" at people's personal information. My question is this: WHY in HELL are CONTRACT employees given access to our private information? This has to STOP!
Arent you one of those individuals who is all up in arms for national health care? NEWS FLASH.. The proposals for national health care is ALL CONTRACT employees..
Arent you one of those individuals who is all up in arms for national health care? NEWS FLASH.. The proposals for national health care is ALL CONTRACT employees..
Also a big propponent of the Real ID card from what I hear. Chip and all...
Kind of choosy about your privacy, eh there Kev Dogg?
Location: Jonquil City (aka Smyrna) Georgia- by Atlanta
16,259 posts, read 24,752,651 times
Reputation: 3587
Quote:
Originally Posted by pghquest
Arent you one of those individuals who is all up in arms for national health care? NEWS FLASH.. The proposals for national health care is ALL CONTRACT employees..
I am for publicly financed private healthcare. There is a difference.
Location: Jonquil City (aka Smyrna) Georgia- by Atlanta
16,259 posts, read 24,752,651 times
Reputation: 3587
Quote:
Originally Posted by swagger
Many companies (and governments) hire contractors for specific, specialized jobs, such as database administration, PBX maintenance, etc. It's not cost effective to hire someone full time for these tasks, as there's not usually 40 hours worth of work to do in a week, plus the fact that these specialists often draw very high salaries ($100k+ is common).
I worked for a couple years as a contractor for one of the largest banks in California. During that time, I had administrative access across their entire network - it was required for me to perform the job they hired me to do. I could have stolen a lot of personal banking information if I wanted to... Data that I would think is much more sensitive than where someone's been or what their passport photo looks like.
This scenario is not uncommon in any environment with a lot of technology. The risk is there, to be sure, and it's unnerving. The reality is, though, that it's a necessary evil in the high-tech world we live in. In this case, there was an incident with political ramifications. That's the only reason that it's newsworthy.
There is a difference here. I can tell my bank to go to Hell if they breach my privacy and find another bank. I do not have that option with the IRS or the Passport office. Technology should be that, if a contractor works on a data system that they only get access to "need to know" information. A Cisico CCNA working on a router or subnetting an IP address does not need access to my account information to fulfil his job.
Technology should be that, if a contractor works on a data system that they only get access to "need to know" information. A Cisico CCNA working on a router or subnetting an IP address does not need access to my account information to fulfil his job.
You missed the point, Kev.
First of all, not every IT contractor is a network guy/girl. Even if that were the case, you do realize that it's trivial to monitor/capture network traffic to glean "sensitive" data, right? It's particularly easy if you have access to a router that the data's passing through... Anyway...
Let me put it another way. Using this incident as an example to build upon, let's assume that the State Department keeps all this data in an Oracle database (which is actually pretty likely). Oracle DBAs aren't plentiful and don't come cheap. Rather than hiring one at $180k/year to do 15 hours of work per week, they bring in an outside contractor to do the job. This contractor MUST have "access" to the information in that database in order to perform maintenance on it. There's no way around it.
All you can do is have them sign agreements, turn on an audit trail and make sure you're aware of what they're doing, as is what obviously happened in this case.
It doesn't matter if it's a bank or a government office - the technology is the same, as are the requirements to maintain that technology. Nobody ever said it was a perfect system - it's far from it - but there are certain risks that have to be taken in order to work efficiently and provide the services that consumers/citizens require.
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
