WikiLeaks impels White House to order classified data security review

Security measures under scrutiny

Agencies are to immediately evaluate their security practices to see if they have adequate restrictions in place on employees’ access to classified data and their ability to copy classified documents onto mobile devices, under orders from the White House.

The order comes after WikiLeaks' massive disclosure of classified diplomatic cables.The White House will also conduct its own security review of agencies that handle classified information, wrote Jacob Lew, director of the Office of Management and Budget, in a memo dated Nov. 28.


Related stories:

Hackers fail to bring down WikiLeaks site

DOD's response could be driving traffic to WikiLeaks


OMB, the Information Security Oversight Office and the Office of the Director of National Intelligence will initiate "processes to evaluate, and to assist agencies in their review of, security practices with respect to the protection of classified information,” Lew wrote.

The memo reminds federal executives that unauthorized disclosure of classified information is a violation of law and compromises national security. Such violations are unacceptable and will not be tolerated, Lew wrote.

The memo tells each federal department or agency that handles classified information to establish a security assessment team composed of counterintelligence, security and information assurance experts. The teams will review the agencies' implementation of procedures for protection of classified information.

The reviews should include an assessment of system configurations to ensure that users do not have broader access than needed for their jobs, Lew wrote. They should also assess whether there are appropriate restrictions in place on the use of classified networks and the removal of data from those networks for storage on a mobile device.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Reader Comments

Thu, Dec 2, 2010

This is all a day late and a dollar short. All of this kneejerk reaction stuff is a result of convenience vs. security with letting convenience win out. If you are not actually designing a secure system that limits, audits, and tracks users of EVERY RANK in our government while moving data, your just a security risk waiting to happen.

Wed, Dec 1, 2010 Bob Donelson Washington DC

The Audit Trails and Business Rules that can be invoked using the Federal Identity Credential and Access Management (ICAM) Road Map for unclassified sensitive data and networks would inherently repair the open access privileges that are being reported for the Classified Networks. While a review may be needed. Merely bringing the classified data protections up to the same level of security as the unclassified world seems a simple step forward. Of Course all of this would be done in a very Classified more robust way not shared with the public. Now I am thinking that maybe there should be some leadership changes over the classified networks.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above