National Archives: What, Me Worry?

I propose that the National Archives change its motto from "Littera Scripta Manet" (The Written Letter Abides) to "What, Me Worry?" befitting it's current lack of data security controls.
Written by Jason Perlow, Senior Contributing Writer

I propose that the National Archives change its motto from "Littera Scripta Manet" (The Written Letter Abides) to "What, Me Worry?" befitting it's current lack of data security controls.

While many of you this weekend were firing up your barbecues, cooking grilled meats and drinking chilled beers, you might have missed a small announcement that the  National Archives and Records Administration (NARA) made last Thursday having to do with a eensy, weensy, rather trivial data loss -- it managed to misplace a TWO TERABYTE EXTERNAL STORAGE SYSTEM containing confidential information from the White House during the Clinton administration.

Click on the "Read the rest of this entry" link below for more.

Those of you who do not comprehend just how much data has been compromised in terms of what two terabytes (2TB) actually represents should read this great piece on the Anderson Cooper 360 site by my friend David Gewirtz, who is a highly-regarded consultant in the field of national infrastructure and data security.

The drive that was stolen was of the type you could buy at Best Buy or Tigerdirect, a consumer grade USB storage unit that costs less than $300. Most importantly, the data that was stored on it was unencrypted and contained large volumes of Clinton administration records, including the names, phone numbers and Social Security numbers of White House staff members and visitors. According to Congressional aides briefed on the matter, the device contained “more than 100,000? Social Security numbers and Secret Service and White House operating procedures. (EDIT: The drive apparently contained hard disk images of White House PCs that were used by staff during the course of that administration.)

The biggest, most serious problem with this breach is that the US Government doesn't precisely know how many records were stolen or lost. They also don't know who took the storage unit or how this data ended up on a portable, commodity PC storage device rather than in an enterprise-class, guarded, secure system with multiple levels of encryption and passwords and a document management system with sophisticated audit and logging controls.

Also Read: PDF FAQ about the lost hard drive at NARA (archives.gov)

Gewirtz makes a important point that because consumer data storage has now reached a level where it's easy to transfer huge volumes of data cheaply, that our nation's most important data is at risk. Obviously, something needs to be done in terms of improving our security controls or God knows what in terms of national secrets could end up in the hands of individuals and governments that legitimately want to do us harm.

The methodology and technology we use to keep our most guarded data safe in the government and in corporations that are trusted with confidential information requires strict regulation and sanity. If anything, we need to figure out how to keep data contained where people can view it as required by their jobs, but not necessarily be able to copy it off a system.

One of the ways I believe this can be accomplished is through a combination of policy enforcement, auditing and technology controls at the user, application and infrastructure levels. Document management software with very granular levels of access control of who can see what and elaborate logging of who looked at what is going to be required.

We also need to re-think how information is viewed and is accessible. Full-blown PCs which have the ability to transfer data from a CIFS/SMB server or storage system somewhere should not be used in Government or in institutional settings (Healthcare/Financial/Utility/Insurance) where large volumes of confidential personal information is being handled.

For these types of applications, we should probably be looking at solid state thin client devices (such as the Pano and the Sun Ray) and highly encrypted remote access systems which have USB and optical storage capabilities physically disabled and are connected to virtual destkops which are policy enforced, locked down and task-oriented for reviewing sensitive information, and should require at least two forms of biometric authentication before the data is even viewable. It should also go without saying that in any facility or area where secure data which concerns national security is being accessed, video surveillance of the end-users performing the data access should be monitored.

Have you lost your trust in the government's ability to secure data with the latest National Archives security breach? Talk Back and Let Me Know.

Editorial standards