According to a cybersecurity expert, the Central Database Hub (Padu) has been developed using methods deemed “outdated,” potentially jeopardising its data integrity.
Fong Choong Fook, CEO of LGMS Bhd, a cybersecurity firm pointed out that modern organisations typically prefer employing an API (application programming interface) gateway for accessing distributed data, as opposed to relying on a duplicated centralised database, according to FMT.
He cited the example of the Singapore government’s initiatives, highlighting their utilisation of an API gateway in the cloud to facilitate access to distributed and stored data across various agencies. Comparatively, Fong criticised the Malaysian government’s approach as antiquated.
Fong expressed concerns that adopting such an outdated method for developing PADU not only increases the risk of data duplication but also undermines the integrity and accuracy of stored information.
He illustrated this with an example, questioning which data source the government should prioritise when there are discrepancies between salary information keyed in and government records from the Inland Revenue Board.
Additionally, Fong remarked that determining the overseeing department for PADU becomes “pointless” if the database’s design itself is flawed. He emphasised the importance of examining the root cause of issues, assessing the security of the database, and evaluating the robustness of its foundation.
Economy Minister Rafizi Ramli claims that PADU system adheres to security protocols and meets international standards. Despite facing over two million illegal access attempts daily, especially during the initial month, the system remains secure and impenetrable, he said.