§ Mr. Menzies CampbellTo ask the Secretary of State for Social Security what action he is taking to ensure the safety of his Department's computer system from penetration by computer hackers.
§ Mr. Peter LloydMost of the Department's existing computer systems are batch processing systems and are 457W therefore not susceptible to hackers in the same way as on-line systems. However, the Department has now begun to implement the operational strategy, a major programme of computerisation which will provide on-line services for all social security offices. In devising the strategy, great care has been taken to ensure the security of data within the systems. Access will be limited to authorised users by means of passwords and personal identification devices. Further protection against hackers, who normally attempt to enter a system by trying a series of passwords, will be provided by an additional security device which will "lock-out" the terminal after three unsuccessful attempts to enter the correct password. External users are unable to dial directly into a system. A dial-back facility is imposed which will prevent access from unauthorised terminals.
A system of access permission has also been built in which will limit the data to be accessed by authorised users and a record of transactions will be made enabling management to monitor access to data.