NRA spent £18,000 on armoury software after theft

[Gaz]

Andrew Mercer, chief executive of the NRA, said the security breach had been ‘unforgiveable’.

“It’s embarrassing for us because we are a secure premises,” he said this week.

“The scope and the bolt would not have caused any risk to the public, but that’s no excuse.

“People expect them to be properly secured.

“It highlighted failings in our systems and our procedures, which was mightily embarrassing.”

Mr Mercer said the software for the new armoury database had cost £18,000 alone, and that more staff were now tasked to security of the facility.

http://www.getsurrey.co.uk/news/surrey- ... un-9499433

£18 THOUSAND on software and a database?! What the hell did they do, commission a bespoke product from the ground up?

[Chuck]

Almost as stupid as that headline

National Rifle Association sniper gun parts theft investigated by police

[Fedaykin]

Andrew Mercer, chief executive of the NRA, said the security breach had been ‘unforgiveable’.

“It’s embarrassing for us because we are a secure premises,” he said this week.

“The scope and the bolt would not have caused any risk to the public, but that’s no excuse.

“People expect them to be properly secured.

“It highlighted failings in our systems and our procedures, which was mightily embarrassing.”

Mr Mercer said the software for the new armoury database had cost £18,000 alone, and that more staff were now tasked to security of the facility.

http://www.getsurrey.co.uk/news/surrey- ... un-9499433

£18 THOUSAND on software and a database?! What the hell did they do, commission a bespoke product from the ground up?

I work in the education database sector and studied database design at University, that sounds cheap to me. I know it is easy to jump on these kind of conclusions Gaz but to my professional eye it is not unreasonable. Yes you can knock up a quick access database but if you want any kind of data security, ongoing support and scalability a commercial solution is going to be the only realistic choice and significantly more costly.

You also need to factor in not only the software side of things but also the hardware, this would have involved the installation of a server which doesn't come cheap! An entry level commercial Dell Power Edge comes in at a shade under £600 but if you are going to be serious I would be pushing for a more expensive model. At least £2000 then add to that the infrastructure including cabinet (unless it is a tower), back up storage and emergency backup power supply and very quickly you can be pushing towards £10,000. Then you need to consider the network infrastructure and computers that will access that database. On top of that you need to pay the licences not only for the server operating system (unless you are going the free Linux root) and the licences for the database software plus onsite support. Oh and finally a bit of training which will be charged at an hourly rate.

For a large Secondary school in England the annual site licence cost for their database which contains far more sensitive data will be over £4000 a year EVERY year!

Actually as somebody who is associated with this line of work I would suggest Gaz your headline for this matter/article should be:

Why has the NRA spent so little on a database after the armory theft?

Hope this helps your understanding

[meles meles]

Might thicker window bars, a sturdier door and some training in key custody have been more appropriate ?

[Fedaykin]

Oh and by the by I am guessing that this database solution won't ISO27001 compliant as I very much doubt the NRA as an organisation has even considered that kind of thing.

Storm in a teacup.

[Fedaykin]

Might thicker window bars, a sturdier door and some training in key custody have been more appropriate ?

Hmmm yes I would agree that is a good starting point, but a good database can really enhance an organization's ability to maintain security through appropriate asset tracking.

[techguy]

Andrew Mercer, chief executive of the NRA, said the security breach had been ‘unforgiveable’.

“It’s embarrassing for us because we are a secure premises,” he said this week.

“The scope and the bolt would not have caused any risk to the public, but that’s no excuse.

“People expect them to be properly secured.

“It highlighted failings in our systems and our procedures, which was mightily embarrassing.”

Mr Mercer said the software for the new armoury database had cost £18,000 alone, and that more staff were now tasked to security of the facility.

http://www.getsurrey.co.uk/news/surrey- ... un-9499433

£18 THOUSAND on software and a database?! What the hell did they do, commission a bespoke product from the ground up?

I work in the education database sector and studied database design at University, that sounds cheap to me. I know it is easy to jump on these kind of conclusions Gaz but to my professional eye it is not unreasonable. Yes you can knock up a quick access database but if you want any kind of data security, ongoing support and scalability a commercial solution is going to be the only realistic choice and significantly more costly.

You also need to factor in not only the software side of things but also the hardware, this would have involved the installation of a server which doesn't come cheap! An entry level commercial Dell Power Edge comes in at a shade under £600 but if you are going to be serious I would be pushing for a more expensive model. At least £2000 then add to that the infrastructure including cabinet (unless it is a tower), back up storage and emergency backup power supply and very quickly you can be pushing towards £10,000. Then you need to consider the network infrastructure and computers that will access that database. On top of that you need to pay the licences not only for the server operating system (unless you are going the free Linux root) and the licences for the database software plus onsite support. Oh and finally a bit of training which will be charged at an hourly rate.

For a large Secondary school in England the annual site licence cost for their database which contains far more sensitive data will be over £4000 a year EVERY year!

Actually as somebody who is associated with this line of work I would suggest Gaz your headline for this matter/article should be:

Why has the NRA spent so little on a database after the armory theft?

Hope this helps your understanding

THIS.

£18k isn't much at all. If fact, £18k is actually very cheap! (Source: I'm an IT Ops Manager, and was a DBA for a while)

[Meaty]

Almost as stupid as that headline

National Rifle Association sniper gun parts theft investigated by police

And what the hell is a K89 ZF ?

[Browning_grrl]

That's interesting, mostly because I didn't know that the UK had a "NRA" as well. I guess not the same sort of thing as ours though? :)

[Gaz]

I work in the education database sector and studied database design at University, that sounds cheap to me. I know it is easy to jump on these kind of conclusions Gaz but to my professional eye it is not unreasonable. Yes you can knock up a quick access database but if you want any kind of data security, ongoing support and scalability a commercial solution is going to be the only realistic choice and significantly more costly.

You also need to factor in not only the software side of things but also the hardware, this would have involved the installation of a server which doesn't come cheap! An entry level commercial Dell Power Edge comes in at a shade under £600 but if you are going to be serious I would be pushing for a more expensive model. At least £2000 then add to that the infrastructure including cabinet (unless it is a tower), back up storage and emergency backup power supply and very quickly you can be pushing towards £10,000. Then you need to consider the network infrastructure and computers that will access that database. On top of that you need to pay the licences not only for the server operating system (unless you are going the free Linux root) and the licences for the database software plus onsite support. Oh and finally a bit of training which will be charged at an hourly rate.

For a large Secondary school in England the annual site licence cost for their database which contains far more sensitive data will be over £4000 a year EVERY year!

Actually as somebody who is associated with this line of work I would suggest Gaz your headline for this matter/article should be:

Why has the NRA spent so little on a database after the armory theft?

Hope this helps your understanding

Re bold - not my story. For once!

I hadn't thought of it as a full-cost-of-ownership thing, it makes more sense if you lump in all of the infrastructure and training. The quote made it sound as if they'd bought software alone priced at £18k.

As for the actual headline, this might be the only occasion in history when "sniper" is accurate - the gun in question was a Mauser sniper rifle. Shame they then screwed up by calling it a "K89"...