Police backup drives also corrupted in computer crash

Searches continued Thursday for a large amount of apparently irretrievable Royal Cayman Islands Police Service data, with a new revelation that some of the government’s backup drives used to store the information were also corrupted during a major server malfunction.

The Cayman Compass reported Wednesday that five hard drives in a computer server at the government’s Citrus Grove building were affected by a crash sometime in May. The government was able to recover about 4.1 terabytes of data from the 6.5 TB server, but noted another 1.2 terabytes of data were corrupted and apparently could not be recovered locally.

Deputy Chief Officer for the Ministry of Home Affairs Wesley Howell said Thursday that Computer Services Department officials were still scanning drives, seeking to determine what police data was corrupted or lost.

“It appears data was corrupted on some of the backups,” Mr. Howell said.

The Compass learned that several police units, including the Marine Unit, the Joint Intelligence Unit and the commissioner of police’s office, kept data on the Citrus Grove server. However, the specific records held on the corrupted hard drives were still not known by press time Thursday.

Police Commissioner David Baines said he had not received a satisfactory answer regarding what police information from the drives was actually missing.

“I’ve received a fudged response and the answer is basically that ‘we don’t know,’” Mr. Baines said.

Mr. Baines said the Computer Services Department is responsible for routine backup procedures for all civil service agencies, including the police service. The RCIPS does not have its own IT department.

The commissioner was not aware whether any of the corrupted data from the Citrus Grove servers had been backed up.

The government has the option to send the hard drives to the United States, United Kingdom or Canada to assist in recovering the corrupted data. However, Mr. Baines said he wasn’t certain the police should incur such an expense.

“Do I want to spend money to recover operational plans for the Marine Unit two years ago?” he said. On the other hand, if the information involved ongoing police investigations or other sensitive matters, there would be an interest in recovering those, the commissioner said.

RCIPS representatives responding to an open records request filed by the Compass in February revealed the problem with the hard drive crash when information about the request regarding Marine Unit patrol boats relating to the period Jan. 1, 2011, to Feb. 19, 2014, could not be located.

0
0

3 COMMENTS

  1. The explanation from Mr. Howell is not satisfactory.

    While I am not familiar with the disaster recovery and daily backup plans in place for the RCIPS I find it highly unlikely that both the primary and backup data would get corrupted at the same time.

    Basic standards should require that all sensitive or critical data be replicated in some manner to a secondary location (a hot or warm standby location) and that a third (mostly off island) location be used as a cold site to host current backup tapes or data transferred over a secure VPN connection.

    The data in question is either not very sensitive or critical or basic procedures to maintain data integrity and availability were not followed. If the latter is true then many people are going to be out of a job by Monday morning.

    0

    0
  2. Let’s look beyond the RCIPS for a moment. This isn’t a story about any failing on their part, indeed, it was the RCIPS who altered the Cayman Compass to the issue.
    Q1: How much potentially sensitive data does the Cayman Islands Government and the various statutory agencies hold?
    A: Loads
    Q2: Who is responsible for the security of that data?
    A: Computer Services Department
    Q3: Where should we be looking for answers?
    A: See answer to question 2!

    0

    0

Comments are closed.