Lawyers' secure email network goes down, firm says it'll take 2 weeks to restore Barristers and court prosecutors have been left scratching their heads this morning after Egress Technologies' CJSM email system went down – with the firm saying it could take up to a fortnight to fully restore it. CJSM stands for Criminal Justice Secure eMail. The network is used by Crown prosecutors, judges and other "public …
This post has been deleted by its author
Well, speaking of contempt - if this were to happen to a law firm there would be exactly zero acceptance for this. We would hear how much this was our fault and it is now up to you to provide the miracle of instant recovery because we are not going to stay the proceedings. Oh, and if you fail, you will of course be held in contempt.
This is one of the many reasons law services are expensive - the amount of belts and braces involved is far beyond what people will believe. Two separate persons checking and verifying dates is not enough to satisfy the all due care requirement. And this is of course a one-sided requirement.
Egress can be deployed in a number of topologies, including fully self hosted. It's possible that this is a situation where there was a customer hardware failure and they (maybe) have their backups on (for example) tape. As everything is encrypted, until the whole lot is back, none of it will be back so it's possible to see how this situation could arise.
Encryption is a pain to deal with in terms of backups - we've had to restore terabytes of encrypted volumes before due to drive failure and file system corruption on client hardware and it's not fun.
One has to wonder if anyone looked up the meaning of Egress before buying this product.
Come off it. More bungled civil service procurement.
For what seems to be a mission critical system, you'd have thought they would have a robust SLA and get vast compensation for all the expensive time now wasted. Then again, when have government ever done anything like that?
I would imagine they are scrubbing the stored mail but still - two weeks?
That's because they need to get some body shop, like Capita or IBM, to come in and fix it. They don't appear out of thin air, y'know. Not without drawing a pentagram on the floor and chanting "I summon thee" three times.
In all seriousness, I hope this is not a computer attack because it sure would make me wonder if the UK government have any idea of IT security/operations or is all just "lip service"?
Secure eMail | Technical Overview: CJSM Version 2.x (Information for IT Teams):
‘The overall CJSM programme is being managed by Criminal Justice IT (CJIT). CJSM does not provide “secure email” in the sense in which that phrase is normally used. The messages themselves are neither signed nor encrypted.’
“In fact, they cannot be signed or encrypted. Modifications made to the message in transit across CJSM mean that the message digests (think of these as checksums or fingerprints of the original message) used to calculate the original keys would not match those of the message received. Signature verification would fail, and decryption of the message would be impossible. This behaviour is understood and it is by design.”
The Senior Partner in a law firm I was with in a previous lifetime once said only half joking he wanted a neon-lit sign on his door saying "Fuck off".
Somehow I think he would have reported his email system broken and useless, perhaps on a daily basis.
Now that would be a "MeToo" movement for the rest of us.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
