Including Security as key consideration when designing web related processes
It was reported yesterday that information relating to the monthly Barometer published by the Spanish CIS (Centro de Investigaciones sociológicas) was leaked. The Chairman of this Government organization has initiated an investigation to clear if there has been a security breach. The blogger that published the information in advance has apologized for all inconveniences caused and explained that he did not have any access to privileged information. He explained that he just “guessed” the URL where the report had been posted because they always follow the same structure.
At Panda Security we are very much aware that Public Administrations (and also companies in the private sector) increasingly use the web as an information and service platform and, unfortunately, security is not always a top priority. Sometimes it is due to the lack of maturity of the service and sometimes it is simply not taken into consideration appropriately.
Too often this issue would be solved working with security specialists when designing web related processes and procedures. The leak of a voting intention pool is not that big of an issue; however having personal data up for grabs by the bad guys would be a very different story…
![[Post to Twitter]](http://www.pandainsight.com/en/wp-content/plugins/tweet-this/icons/tt-twitter.png){kind=icon}
