NIS to guard against hackers

[InfoSec News <alerts () infosecnews org>]

http://www.nationnews.com/story/363291867244009.php

7/31/06.

HACKERS WILL HAVE a very difficult time trying to break into the National 
Insurance Scheme's (NIS) new portal which allows workers and employers to 
check their status with the department online.

This assurance has come from NIS director Ian Carrington, who said the 
department had employed the services of a company to try hacking into the 
system and test for any weaknesses.

"We hired a firm that has done work even for the CIA (Central Intelligence 
Agency) in Washington and this kind of work is all they do," he told 
BARBADOS BUSINESS AUTHORITY in an interview.

According to him, while the hired hackers were unable to penetrate the NIS 
system, they did make some recommendations about tightening password usage 
within the department.

"I am pretty comfortable in my mind that what we have done is the correct 
thing but obviously with an institution like this we have to have a 
continuous monitoring process with high levels of security. . . because 
there are a lot of young people out there who will try something; you want 
to know that if they do try something, we know where they have gone, what 
they have seen, and what we need to correct," the NIS boss pointed out.

While not prepared to discuss the cost of introducing the portal, there 
had been much internal analysis on the cost savings of the project.

"What we sought was not to reduce staffing levels but to utilise the 
efficiencies in different areas to address services that we were not 
providing," he said.

Furthermore, Carrington noted, "We are also seeking to do some automation 
of routine benefit matters and then focus on the ones that are not as 
great in number, but much more difficult to process." (GE)


_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com