Structural Reform: Improving Government Security of Classified Networks & Information
Our Nation’s security depends on the ability to share classified information to authorized users immediately. With this, requires sophisticated measures to prevent vulnerabilities and infiltration’s on our networks. With last years leak of hundreds of sensitive documents by Wikileaks, President Obama has just issued an Executive Order on Oct. 7th to implement a structural reform to ensure responsible sharing and safeguarding classified information.
After the WikiLeaks incident where Army Private, Bradley Manning leaked more than 250,000 confidential State Department cables, video of a deadly U.S. helicopter attack and logs pertaining to the Iraq and Afghanistan wars; National Security created a committee to recommend procedures for reducing the risk of breaches of classified information. The goal of the effort was, “to ensure that we provide adequate protections to our classified information while at the same time sharing the information with all who reasonably need it to do their jobs,” the White House said in a statement. In addition to adding an insider threat task force, the order issues five priority areas for prevention:
1. Removable Media
Departments and Agencies have made significant progress in clarifying and standardizing removable media policies, processes, and technical controls. We have limited the numbers of users with removable media permissions and strengthened accountability for violations.
2. Online Identity Management
The owners and operators of classified systems are accelerating efforts to strengthen the online verification of individuals logging on to classified systems, and to be able to track what information is being accessed by these individuals.
3. Insider Threat Program
As directed in the Executive Order, the Attorney General and the Director of National Intelligence are actively establishing an interagency Insider Threat Task Force. This Task Force will integrate specialized abilities, tools, and techniques to more effectively deter, detect, and disrupt the insider threat.
4. Access control
Departments and Agencies are implementing more robust access control systems to enforce role-based access privileges that serve to ensure that an individual user’s information access is commensurate with his/her assigned role.
5. Enterprise audit
Enhancing auditing capabilities across U.S. Government classified networks is a priority effort, and planning has been initiated to define the policy and develop standards for the collection and sharing of audit and insider threat data.
This executive order might not prevent another “WikiLeaks” incident but, hopefully will help prevent insider threats, system vulnerabilities and foreign attacks. With better procedures such as access control, auditing, and identity management, the government is taking a good step forward in protecting our nations security.
For more information check out the links here: