MMB on data APIs: look what happened in Virginia!
by Staff
Published: May 7, 2009
Time posted: 1:00 am
Tags: data APIs, data practices, hackers, Minnesota Data Practices Act, Security
Yesterday we posted a memo from the Office of Enterprise Technology about implementing data Application Program Interfaces (APIs) into state accounting and procurement systems. They seemed pretty skeptical, but reasonable, about the possible shortcomings and security hazards of letting queries from anonymous people into production systems.
Today, Curt Yoakum from Minnesota Management and Budget got back to us with the official MMB take on the matter, in particular addressing where the new TAP web application (which doesn’t work perfectly across all web browsing platforms) fits into this. We’re posting that below, but we still wonder whether the TAP web application already has a big pile of safe, sanitized data that could be opened to APIs. [In other words, a good foundation for this idea may already be set up?] Yoakum is going to get back to us about this issue, but anyway, here’s their take:
Our desire is not to impede access to public information, but to do it in a manner assuring protection of confidential information and the integrity, efficiency and security of our systems. To anyone who thinks that there aren’t real risks and tradeoffs, check out the situation in Virginia. It appears that hackers recently stole, deleted and copied to their own site the health records and prescriptions for eight million patients off of a Virginia state web site.
TAP MN does not have unlimited query powers. The system mines data from accounting production tables and processes the data to address data practices issues, and then presents that data for people to query at will.
Production data needs to be protected inside an adequate firewall to minimize the risk of tampering or losing the core data. It’s bad business practice for any government entity to allow access to production data and systems by anyone other than specifically trained employees familiar with that data, the system it’s operating on, and possessing the appropriate security clearance.
The assertion in the article that the database may not be designed correctly because a poorly designed query could affect performance is inaccurate. Anyone who knows how to design a query could intentionally design one that would bring any system to its knees. It is our duty to protect production data from tampering or deletion.