Your shout: ID cards, file swapping and asset management

Readers' views on the week's news

Why use new ID card data on old, badly run systems?

Karen Challinor, Partner, Box Technic IT Solutions

With regard to Bill Goodwin's article, "U-turn cuts risks of ID card scheme" (Computer Weekly, 23 January), I would ask why, if the government's new approach of data sharing and using existing database systems is so sensible, why wasn't it adopted from day one?

Why was the original plan defended with such vigour and not allowed to be subjected to the same scrutiny in parliament as every other motion put before it?

But James Hall, chief executive of the Identity and Passport Service, "stressed that there were no plans to use existing, often inaccurate, data on government systems, but to gather the ID cards data anew".

So, on the one hand, the government admits that the existing systems are so badly managed, so overstretched and so insecure that the data held on them has become so corrupt and inaccurate as to be useless for any practical purpose. And on the other, it announces plans to use those very same overstretched, insecure and badly managed existing systems to hold the freshly gathered data from the enrolment of people in the ID card scheme.

This will allow greater security of the data according to Hall. How exactly does he intend to guarantee this security and also prevent the degradation of the new data?

The article also states, "The business case for ID cards has also been updated, and it will be subject to independent scrutiny through the Office of Government Commerce Gateway review process in the early part of this year."

The last time I looked, the results of two of the four Gateway reviews of the project so far had been requested by parliament. The data protection registrar had found no reason to deny this request. The Labour Party, on the other hand, was - and still is - fighting tooth and nail to prevent the release of the reviews by any legal means at its disposal - apparently to prevent people forming the misconception that the ID card scheme is anywhere but on track.

My question is, what is the use of a Gateway review if no one, including parliament, is allowed to see the report?

Don't overlook copyright issue of file swapping

Nick Cockayne, UK IT support manager, WSP Management Services

Thank you for the interesting article "Working with the iPod generation" (Computer Weekly, 23 January). However, I think you have missed a major issue - aside from that of security - which is the storage and sharing by staff of copyrighted material. This will become a major risk to companies.

At my company we are trawling through reports of MP3, WMA files etc, which we have found stored on PCs and even file servers. End-users can easily transfer these from an iPod to the desktop, or copy CDs to the desktop.

We are devising a policy based on advice from the recording industry group IFPI and will be looking for buy-in from our colleagues in the business to eradicate this problem.

Asset management is key to software licence clarity

Chris Minchin, Techam

I am writing following Stephen Glathe's letter (Computer Weekly, 23 January) regarding the headache of software licensing.

I agree that the area of software licensing seems to have been weighted in favour of the publisher, with long and complicated licence agreements and little assistance in understanding them, coupled with perceived heavy-handedness in the event of a licence breach.

There is much that can be done to improve the relationship between publishers and customers. In essence, the publisher wants the correct payment for its product and we want to be able to align our software with our business goals in a compliant manner.

I have worked with many organisations in this area over the years and there is an obvious pattern emerging. The publisher contacts the company and carries out a sample audit. It then suggests that the organisation is using x number of its products based on the findings and that the business needs to prove otherwise.

The business will often have poor or no software asset management in place and will end up writing a cheque for the shortfall. Everyone walks away happy. The publisher has his correct fees for perceived product usage and the organisation has removed the perceived wolf from the door for another 12 months.

Organisations rarely allocate enough budget to making sure that they do not overpay, but hopefully initiatives such as the new ISO19770 software asset management standard will help to raise awareness.

Answer back

Do you have a fresh take on someone's opinion on this page, or something to say about a Computer Weekly article? E-mail [email protected]. Please include a daytime phone number.

Read more on IT risk management