[Dataloss] NARA admits violating internal policy on personal info

From: security curmudgeon (jerichoattrition.org)
Date: Tue Nov 10 2009 - 00:56:48 CST


---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://fcw.com/articles/2009/11/06/web-nara-it-security-problems.aspx

By Ben Bain
FCW.com
Nov 06, 2009

The National Archives and Records Administration violated its information
security policies by returning failed hard drives from systems containing
personally identifiable information of current government employees and
military veterans back to vendors. By agency policy, NARA is supposed to
destroy the hard drives rather than return them, according to a top NARA
official.

However, the agency believes there was no disclosure of personally
identifiable information despite the violations of its own policy, said
NARA's then-acting archivist Adrienne Thomas.

Thomas told the House Oversight and Government Reform Committee's
Information Policy, Census and the National Archives Subcommittee Nov. 5
that on two separate occasions the agency sent defective disk drives back
to vendors under a maintenance contract, rather than destroying and
disposing of them in-house.

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
