Phil,
I would be careful with DLN. You are providing enough information for identity theft. The Name and DLN could be use fraudulently.
http://www.bustathief.com/drivers-license-fraud/
Best,
Lawrence
-----Original Message-----
From: The UK Records Management mailing list [mailto:[log in to unmask]] On Behalf Of Phil Bradshaw
Sent: 20 May 2011 11:20
To: [log in to unmask]
Subject: FTP and Personal data
We have a contract wth a company that manages and hosts tachograph data for some of our drivers. we have done due dilidence and have a data processing agreement. However the data transfer is done by FTP :
1. Driver uploads his data to one of our PC's
2. It is then transmitted by FTP direct to the host
Data is essentially driver name, driving licence number, and hours worked. Not sensitive and not likely to be of much interest or embarrassment if leaked / intercepted. Nevertheless FTP is inherently unsecure and sent in clear text which can easily be intercepted, should anyone wish to sniff it out.
Views please on whether we are breaching principle 7 or given the nature of the data are our methods 'appropriate'.
To view the list archives go to: https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=RECORDS-MANAGEMENT-UK
To unsubscribe from this list, send an email to [log in to unmask] with the words UNSUBSCRIBE RECORDS-MANAGEMENT-UK
For any technical queries re JISC please email [log in to unmask]
For any content based queries, please email [log in to unmask]
Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.
To view the list archives go to: https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=RECORDS-MANAGEMENT-UK
To unsubscribe from this list, send an email to [log in to unmask] with the words UNSUBSCRIBE RECORDS-MANAGEMENT-UK
For any technical queries re JISC please email [log in to unmask]
For any content based queries, please email [log in to unmask]
|