Mar

31

The fantasy and reality of government security

Filed Under Virus | 

In the movies the government has always got the best toys, the cutting-edge technology and the tightest security standards. Those who have worked on security projects within the government know that in real life government security standards and implementations can vary all across the range from quite serious to laughable.

Over the last few years in fact government departments have been earning poor or failing grades on cyber security. This may be about to change with a US$355 million investment in government cybersecurity included in the recently passed stimulus act. It’s about time too: Just last week a private company notified the government that they had discovered the blueprints for Marine One (the president’s helicopter) on a filesharing network node in Iran.

If we believe the movies then a file as sensitive as the blueprints for the presidential helicopter fleet would be encrypted, biometrically protected and stored in a bunker at an undisclosed location. It’s a bit unfair to bash government security in this case because the file was leaked from the desktop of an employee of a private contractor. Because the vast majority of this type of work is outsourced, the security depends as much on enforcement of standards at third parties as it does on the security within government. But we have to wonder: why wasn’t encryption required for this type of file? Why was this type of file allowed on an unmanaged desktop? And why was peer-to-peer software installed on the same desktop?

http://www.computerworld.com/action/…ce=rss_topic17

Related Posts:

written by lina \\ tags: , , , , , , , , , , , , , ,

Comments

Leave a Reply

You must be logged in to post a comment.