Agency Tasked With Keeping Nuclear Secrets Can't Keep Track Of Its Computers
from the good-to-know dept
Stories about government agencies losing computers with sensitive information have become depressingly common. Last month it was revealed that the FBI tends to lose three or four laptops every month, either through theft or carelessness. But the FBI can feel better about itself knowing it's not the only agency with this problem. An audit of the National Nuclear Security Agency found that it's lost 20 desktop computers (how do you misplace those?) and that some of the computers it is using were not part of its official inventory. Since the NNSA's job is to safeguard the country's nuclear secrets, this news is not particularly comforting. What makes it even worse is the fact that the agency has failed 13 of these audits over the last four years, so it's not as though this news could be characterized as a wake up call that will prompt better practices. Nope, it looks like the government, across many agencies, is chronically ill-equipped to keep track of its own belongings (though it's not as if that's any surprise).
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Duh?
It always astounds me how they "lose" computers. I have never lost a computer. It's really easy, if I'm traveling, the laptop never leaves my side and thats regardless of the sensitivity of the information I'm carrying at any given time. Now, the agency losing desktops is just crazy, but I know how it happens. Manager level employees have a system go down, don't want to go through the appropriate channels and waist weeks getting a new one, so they just hop on DELLs site and order a new one. The old one just gets stuck in storage until they decide to haul it to the dump. Through this process they fail to document is and it vanishes. The real hope is that the hard drive is not with it when it does it's disappearing act.
[ link to this | view in chronology ]
Re: Duh?
[ link to this | view in chronology ]
Ummm
Those desktop statistics are pathetic, however...
[ link to this | view in chronology ]
Lost computers
Every agency has this problem - none have the guts to say - 'this is no way to manage valuable property - let's do what industry does' (in fact industry shares this problem also)!
Most 'lost' property is probably trash. The information on lost computers can be dangerous however.
If the govt cared, they'd use cheap and readily available strong encryption software. Then damage would be much less likely. Don't count on ANYTHING they do making much sense though.
[ link to this | view in chronology ]
Destroying Data
[ link to this | view in chronology ]
Re: Destroying Data
[ link to this | view in chronology ]
Re: Re: Destroying Data
First format, then autoclave, then shred - the best bit is Compaq (our supplier at the time) used to insist on always receiving the drive back if we needed to do a swap out in case of failure or replacement...
They were absolutely insistent at a management level so we used to exchange bags of shredded harddisks for new ones
In a major refresh we would just put them all in one big bag once a week and weigh the bag - both our side and their technicians used to get lots of laughs out of it ;0)
[ link to this | view in chronology ]
[ link to this | view in chronology ]
BS
I work for a major gov't Agency (US) and have for over thirty years.
Government workers are no different than private sector workers. As a matter of fact, a lot of people bounce back and forth between the two several times during their careers. So any characterization of Government workers as slouches is ridiculous.
I support computer systems at the desktop level, and have been responsible for property inventory in the past.
A major issue with all US government agencies I have known is that property inventory clerks are not doing that as a primary duty, it is always "other duties as assigned". This always puts that duty on the back burner.
Another issue is that, unless an agency deliberately does something about it, the guys that dispose of old property are not usually the ones responsible for keeping track of that property.
Most of the time, when an agency has property listed as "lost", that doesn't mean that it has been stolen, especially if it is a desktop unit. What it does mean is that it was disposed of, and somebody didn't do the paperwork. If they have set up the procedures properly, and people follow them, the units HAVE been through the desk shredding process, but you just can't find the paperwork to prove it, cause some noob didn't fill it out.
Our Agency finally got its act together when we got hauled up in front of Congress and they wanted to know what had happened to a very large dollar figure's worth of property that we "couldn't find". As it turned out, most of it had been disposed of, and a lot of it was stored but not properly being accounted for. But it took us almost a year and a lot of heartache to find out, so a newer, tighter set of rules and procedures have been implemented to make it easier, on a bureaucratic basis, to do things right.
In short, you "lose" a desktop computer when nobody knows where somebody else moved it, and the two aren't talking to each other. It may be right under your nose, but if you own thousands of PCs just like it, finding that one unit isn't easy!
Even if you use property numbers in the PC's name, your admins may know it's there, cause they can see it on the network, but that doesn't tell you WHERE it is! In the case of some gov't agencies, that could be anywhere in the US, or the world... in your hands, but exactly whose, and on which desk? Until you can physically find it, you must list it officially as lost.
These stories don't tell you about that, as this information isn't part of the database.
[ link to this | view in chronology ]
correction
[ link to this | view in chronology ]
Disk Wiping
Best way is to melt that sucker down!
[ link to this | view in chronology ]
conclusion?
[ link to this | view in chronology ]