This website provides information and news to SCC users of Westminster.
Westminster is very secure
The issue of security of personal data within database systems has been the subject of much recent publicity, particularly the recent loss of Work and Pensions data and Reserve Forces data. The Government was rightly concerned with the security of other systems under its remit and took a number of rather drastic actions. One of these involved Westminster.
You may remember that in January, the MOD closed Westminster down as a precautionary measure (a case of close down first and investigate later). We met with the MoD in Whitehall to explain Westminster and its security. They were impressed with the security already in place and agreed to turn Westminster back on until the end of April, at which point they would hold a full review.
We had a number of actions resulting from this meeting, concerned mainly with reinforcing our data handling policies, introducing disk encryption on laptop PCs used to hold personal data, and making sure those old PCs holding personal data were properly disposed of. In early April, we met again with the MOD to report on progress. They were extremely impressed with what we had done and gave Westminster a "clean bill of security health". Further, they dropped the requirement of a further review and asked if they could use Westminster as an example of best practice to share with other MOD organisations.
In another unrelated activity, Westminster was subjected to a penetration test by QinetiQ, a leading defence technology and security company. This is a regularly held test in which QinetiQ endeavour to "hack" into the Westminster computers and software code to extract confidential data. They failed. However, there were a number of minor issued found, and these have been addressed.
The positive results of these two quite different reviews demonstrate that Westminster is very secure and you should be confident that your personal data is safe within Westminster.
Only current and necessary Personal Data must be stored on personal computers
It is of paramount importance that all individuals review the data that they hold on their Personal Computers to ensure that only current and relevant data is kept.
Units and individuals are to ensure any data that is not being used is deleted and only current relevant data is stored. This includes downloaded data from Westminster and any other data held on Access databases, Excel spreadsheets and similar.
All old PCs must be legally disposed of and cleaned of all sensitive data before disposal
If any personally owned equipment is disposed of once it reaches the end of its useful life, it must be done in a controlled manner and in accordance with the WEEE (Waste Electronic and Electrical Equipment) regulations currently in force. This means it must be disposed of through a licensed WEEE disposer. For private equipment, this is typically a designated site run by your local council.
If the PC has held or holds sensitive personal data from Westminster or any other system, these files must be securely deleted before the PC leaves your premises. For details of how to carry this out, please read and follow the instructions in the documentation section.
Please ensure that you continue to follow Data Protection requirements
Guidance on the matter of MSSC data privacy and data protection can be found at:
and by reading the Westminster Usage and Data Handling policy.
Reading of this document is enforced when logging onto Westminster for the first time or when changing password.