Labor goes to work on security, infrastructure

Labor goes to work on security, infrastructure

BY PREETI VASISHTHA | GCN STAFF

The Labor Department is channeling its managerial energy into two critical areas: security and core infrastructure.

'We've adopted a risk-based approach instead of being defensive,' said Laura Callahan, deputy chief information officer and Information Technology Center director.

'We've accepted that security problems will arise. What we will work on is how well the department responds to the challenge, say an intrusion or an attack,' she said.

Fixing specifics

A House subcommittee last September listed Labor's systems problems as inadequate password management and protection, unauthorized access to files, shoddy background check procedures and poorly managed intrusion detection systems.



Security is a priority
for the Labor Department's systems staff. From left are Ira Mills, Louis Iaccoleti, Cynthia Williamson, Bernardene Watford, Shawn O'Connor, Cornelius Johnson, Lillian C. Lewis, Alfreda Arrington and Russel Moritz.
'We are taking a holistic approach to computer security,' Callahan said, adding that though it's important to have the hardware and software configured the right way, it's more crucial for all employees to understand how they can improve overall conditions. The department has revamped its guidance and policy handbook, published last April. Employees can now read about vulnerabilities, assessments and systems security plans.

Labor also conducts employee orientation programs at which experts speak on topics such as how easy it is to crack an employee's password. Labor sends off-site employees videotapes on security matters.

The department is offering security courses to employees via the Web through its lifelong learning program. There are courses for several levels of expertise.

Since Labor received a significant infusion of funds last year from the Office of Budget and Management, Callahan said, the department has begun implementing its capital IT plan. 'We are looking at what our needs are and identifying the correct initiatives,' she said.

For instance, the department integrated payroll and personnel systems when it replaced those divisions' legacy systems in January. The new application is built around PeopleSoft HRMS from PeopleSoft Inc. of Pleasanton, Calif.

Labor's fiscal 2002 budget calls for continued efforts on complying with the Clinger-Cohen Act, meeting IT architecture requirements, ensuring security and addressing capital investment needs. Most investments will go toward expanding communications capabilities, improving service delivery and increasing access to information for people with disabilities.

The department is continuing its work on the National Archives and Records Administration rule that directs agencies to identify and preserve certain e-mail messages.

'We never thought that e-mail would be classified as an official record versus a 'Let's have lunch' e-mail,' Callahan said. 'We are preserving messages, and we go through them manually, if need be.'

Now that the IT industry recognizes the need for software that can categorize a message as either a record or a nonrecord, Callahan said she is confident that Labor will soon buy commercial products for archiving e-mail electronically.

Labor workarounds

Even though the IT staff shortage continues to be a major problem, Labor is not badly affected, Callahan said.

For instance, when a vacancy occurs, work is assigned to several people so no single person is overburdened. If that doesn't work, the job might be outsourced, Callahan said.

inside gcn

  • facial recognition tech (Artem Oleshko/Shutterstock.com)

    Biometric ID spots imposters at land crossing

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above