Inland Revenue abandons ‘insecure’ e-mail facility

Author: By Charles Arthur, Technology Editor

The Inland Revenue has stalled plans to allow millions of taxpayers to communicate with the department by e-mail because of fears that hackers could breach security.

The move follows a six-month trial in which 300 staff at 10 tax offices exchanged e-mails with taxpayers.

Computer Weekly magazine reports today that the Inland Revenue expressed fears in an internal publication that hackers might intercept e-mails, or pose as Nick Montagu, the department’s head, to read and send e-mails.

An Inland Revenue spokeswoman said: “Our staff were receiving 1,000 e-mails a month in a single office, and staff have to adjust their ways of working. And the trial has proved our suspicion … that there is potential danger from people masquerading as others.”

The decision means that 55,000 computers running Microsoft’s Office suite and Exchange e-mail system at a cost of £200m are not being used to their full capability.

It also appears to have put the Inland Revenue behind schedule. Earlier this year the department said a “key objective [is] to provide an e-mail facility for customers to contact their IR office by 2002”, Computer Weekly reports. The Revenue spokeswoman said that objective might have been met by running a trial, .

Four weeks ago, the Inland Revenue had to suspend a system enabling taxpayers to file returns over the internet because of security breaches. Users had been able to view other people’s data on the site.

Revenue staff have complained that being unable to communicate electronically with suppliers or taxpayers is “humiliating” and like “living in the Dark Ages”. A new trial is not expected to be run until next year. Jo Cooke, who is leading trials for external e-mailing, said: “It’s likely to be some time before e-mail can be used to communicate outside the department.”

At the core of the problem is the fact that most e-mails are sent without the “digital certificates” that can easily be generated on any PC to confirm the sender’s identity. Those have been legal since last year but are hardly ever used because software companies cannot usually persuade people to implement them.

View full article here


VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)

Tags: , , , , , , , , , , , , , , , , , , ,

Ezine Article Board

Author:

This author has published 5773 articles so far.

Comments are closed