February 29th, 2008
Oil field data loss just common theft
Sighs of relief can be heard coming from Brazil this week as police arrested four men (port security guards) responsible for heisting some computers that had lots of data from the newly discovered mega-oil-patch off the coast of Brazil.
Way back when I was an industry analyst I remember fighting the battle against universitites about so called academic freedom and firewalls. The argument ran that places of higher learning should not erect barriers that would limit access to information. That laughable theory applied to IT security has long since been discredited but the horrifying aspect was that the idea of no-firewalls was also present in major US government agencies such as the US Geological Survey, which is part of the Department of the Interior.
The USGS IT guys proudly told me that they were a research organization made up of scientists who would not abide firewalls. In further discussions they revealed that every oil and gas exploration company was required to store copies of their GIS data with USGS. I found this frankly horrifying because in all my travels I had found that oil and gas companies have the best security of any industry and they recognize the value of their data and go to extraordinary measures to protect it. And here I find that they are all sharing that data in an unsecured repository.
This was in 2002. I am sure that by now the USGS has instituted some protections around that data. They may even have firewalls.
Update: Stiennon’s blog has moved to here.
Richard Stiennon is an industry consultant. See his full profile and disclosure of his industry affiliations.
