Security above all
Security above all
Thomas R. Temin
Rank has its privileges: authority, good pay, a big office, support staff, an expense account. But rank also carries obligations.
One obligation is to recognize that you never have the right to violate agency policy or to act in a way that makes it appear you abide by a different set of rules.
I'm not trying to sermonize; I am setting the background for my astonishment at the acts of former CIA director John Deutch.
As has been reported extensively, a CIA inspector general's report found that during and after his tenure, Deutch kept and worked on thousands of pages of classified material on unsecured Macintosh computers at his home.
It wasn't long before people'including Sen. Richard Shelby (R-Ala.), chairman of the Senate Intelligence Committee'drew comparisons to the Wen Ho Lee case, in which Lee is accused of downloading classified documents to unsecured systems when he worked as a scientist for the Energy Department.
Deutch's action, whether or not he eventually is found to have violated CIA policy or federal law, is troubling on two counts.
At the basic citizenship level, who wants national secrets stored in places where any child, cleaning person, baby sitter or burglar could access them?
Even worse is the picture this presents to the thousands of managers struggling with the all-important issue of systems and data security. Having the head of an agency ignore fundamental security protocols surely does not send the message that information security is important.
Whatever Deutch's motivation was for working at home, he had declined an offer by the CIA to have a secure terminal installed at his house, according to the IG report. That should set off alarm bells for any federal worker handling sensitive files.
The Deutch news reports came out'coincidentally'as Ford Motor Co. announced that it would give computers and Internet access to hundreds of thousands of employees for use at home. It's a safe bet that Ford president Jacques Nasser will neither store secret engine drawings on his home computer nor tolerate engineering employees doing so.
With information security, no leader can afford to abuse the perks of rank.Thomas R. Temin
Internet: [email protected]