NARA's missing hard drive shouldn't cloud the security issue
- By Kevin McCaney
- Jul 09, 2009
Since May, the National Archives and Records Administration has been offering a $50,000 reward for the return of a Clinton administration hard drive that went missing from NARA’s complex in College Park, Md., some time during the winter. NARA’s inspector general has launched a criminal investigation.
The records on the drive include an estimated 100,000 Social Security numbers, including those of some Clinton staff members, White House visitors and one of former Vice President Al Gore’s daughters. So there is cause for concern, though not for overreaction.
The loss of the hard drive — one of a growing list of data losses suffered by NARA and other agencies — has prompted some to wonder whether data might be safer in the cloud.
It’s just speculation, of course, and no one is pretending that the cloud is secure enough for sensitive data. The larger issue isn’t where data is kept but how. NARA’s missing hard drive was a copy — the agency still has the original tapes and a backup hard drive. So the problem isn’t that NARA lost the data but that someone else might have it, which could happen with any storage system.
It reinforces the old saw that security is diligence. There are no inherently safe places to keep data, only safe practices for doing so.
Kevin McCaney is a former editor of Defense Systems and GCN.