backtop


Print 18 comment(s) - last by johnfranks999.. on Feb 18 at 1:30 PM

Another security review is under way, as Los Alamos continues to try and deal with physical data issues

The Los Alamos National Laboratory in New Mexico is being heavily criticized again regarding improper security measures that have led to stolen computer hardware over the past year.  

In the past year, 13 computers have either been misplaced or stolen along with 67 computers that are missing right now.  In another incident, a Los Alamos employee had three computers taken from his or her home, without officials announcing why the computers were allowed to leave the labs.  In addition, an employee lost his BlackBerry smartphone "in a sensitive foreign country," with similar incidents becoming too commonplace for a nuclear weapons laboratory.

"The magnitude of exposure and risk to the laboratory is at best unclear as little data on these losses has been collected or pursued given their treatment as property management issues," the memo stated. It further ordered the Los Alamos lab to "treat any loss of computer equipment with the capability to store data as a cyber-security concern," the Project on Government Oversight (POGO) watchdog group said in a public memo.

A total of 80 computers have been misplaced or stolen throughout 2008, with 11 successfully recovered.  Although no classified information has been lost, according to Los Alamos spokespeople, it's a troubling trend that still hasn't been properly fixed.

The theft incident last month involving three computers at an employee's home led the lab to have a month-long inventory and review of guidelines regarding work computer usage at home.

Despite recent data breaches, the Department of Energy National Nuclear Security Administration applauded the laboratory for working "diligently over the past year to complete the demanding requirements of the Secretary's Compliance Order," among other security successes.

Government officials expect Los Alamos to be one of the most secure labs in the country, yet simple security issues continue to plague the lab -- they've enacted numerous security precautions, and will have to again try and figure out what is not being done properly.

For example, the federal government criticized lab officials when a trailer of a former subcontractor at Los Alamos was searched and three USB flash drives containing classified nuclear data were found inside.  A year later in January 2007, sensitive materials regarding nuclear materials were e-mailed over an open, unsecured network, which was a serious breach of protocol.





Comments     Threshold


This article is over a month old, voting and posting comments is disabled

.....
By icanhascpu on 2/14/2009 7:14:06 PM , Rating: 5
quote:
Government officials expect Los Alamos to be one of the most secure labs in the country


Yet people can lug around full computers out by the dozen?

1. Fire those government officials. They are officially stupid.
2. Fire the 'security' and hire some compliant people and implement actual security.




RE: .....
By Brainonska511 on 2/14/2009 7:59:03 PM , Rating: 5
The parts of Los Alamos that actually have classified research have much stricter security standards. This is from the non-classified stuff, where research results are freely accessible and the high security isn't necessary.

It still is ridiculous how much is stolen, but it isn't nuclear secrets.


RE: .....
By Gul Westfale on 2/14/2009 8:45:02 PM , Rating: 3
yes and besides, every PS2 can launch ICBMs, don't you know?


RE: .....
By ira176 on 2/14/2009 9:56:28 PM , Rating: 2
No one should be allowed to bring in any electronics of any sort, and no electronic device should be allowed to leave without authorization and signout of what device it is and some sort of discrete location device like lojack or gps or something else that can be activated if the item is lost or stolen.


RE: .....
By Brainonska511 on 2/14/2009 10:28:03 PM , Rating: 5
Why do you need such tight security? It's overly restrictive and serves no real purpose. You have to realize that the stuff that is actually national secrets and classified research already has severe restrictions (no external computers, all internal computers cannot connect to the internet, etc...). This is the non-classified and general research that occurs at national labs in the US and thus doesn't need the extreme security measures.


RE: .....
By taber on 2/15/2009 12:47:49 AM , Rating: 3
Or maybe the security guards should just ask people why they're lugging a computer out of the building.

Seriously, the article states "no classified information has been lost", it's not that big of a deal. So long as they keep computers with classified material safe, they're doing a good job. The government wastes enough money already, I don't want them spending more protecting 70 $1k computers from being stolen.


RE: .....
By MBlueD on 2/15/2009 3:56:39 AM , Rating: 3
It will be too late when a computer with sensitive data is stolen. A computer may cost $1k, but the data on it may be worth much more.
They don't really need very high security for these things - only competent security. A simple ticket system or a log of incoming and outgoing electronics (at least laptops and desktops), maintained with some zeal, may be enough to reduce the changes of the worst case scenario to a negligible amount.


RE: .....
By Neutrion on 2/15/2009 2:56:16 AM , Rating: 2
Yup, pace makers and everything. Go all the way </sarcasm>.


RE: .....
By sunjava04 on 2/15/2009 5:29:53 PM , Rating: 2
seems like there were many chinese working in this lab....


You can stop hyperventilating now
By glad2begone on 2/15/2009 3:46:54 PM , Rating: 3
It is unfortunate that Los Alamos has lost some laptops. However, every large organization loses computers and phones. These are unclassified systems. Classified systems are controlled much more carefully. Staff members routinely take laptops while on travel and to home to do unclassified work (as do scientists at any other organization). Now Los Alamos will not allow computers to be taken out of the lab.

This is a good thing? People, please take a deep breath and try to realize that there is a lot of unclassified work that is done at Los Alamos and dedicated scientist do work very hard on those projects, and they do this even outside of the normal work day. The continual hyperventilating like this over minutia makes me very glad I left Los Alamos a couple years ago.

In addition, focusing attention on lost laptops (WITH NO CLASSIFIED INFORMATION) takes away from important issues like protecting CLASSIFIED INFORMATION.

Los Alamos should work to minimize losses like this, but this is not worth destroying the place as a viable place to do science.




By Josett on 2/16/2009 7:39:41 PM , Rating: 2
quote:
...focusing attention on lost laptops (WITH NO CLASSIFIED INFORMATION) takes away from important issues like protecting CLASSIFIED INFORMATION.


Actually, the concern should be on how a major R&D facility w/ highly sensitive stored data allows such media to be lost/stolen/taken, and not the normal procedures of any organization's employees.
The second issue is: How far is any 'non-classified' data from becoming 'classified'?

Cheers!


GPS
By SiliconAddict on 2/14/2009 11:28:53 PM , Rating: 2
When the hell is GPS going to be integrated into laptops? I mean from a security standpoint it seems like a no brainer. And for those paranoid about big bro have it be a feature that can be ordered....say a daughter card that is socketed onto the board on the inside with an antenna that goes to the screen, so to get at it you need to disassemble the laptop....screen, palmrest, keyboard, etc.




RE: GPS
By jlips6 on 2/15/2009 10:23:26 PM , Rating: 2
They do that at my highschool, actually.
Unfortunately for them, they didn't do it in the same manner you mentioned that would actually work. Instead, they grafted a GPS chip on to the chassis.

I don't think I need to say how stupid this is.
They are assuming that all the kids who go to this school are total morons who don't know how to disassemble a computer. I have personally verified that you can freely alter the guts of the machine. Anyone who wanted to could go in during lunch and come out with 32 Gigs of ram in their pockets and no-one would be any the wiser.

I hope for the sake of our national security that they learn how to implement this properly. :(


Los Alamos...
By CloudFire on 2/14/2009 8:35:17 PM , Rating: 1
= failed




RE: Los Alamos...
By SiliconAddict on 2/14/2009 11:30:54 PM , Rating: 2
And yet win on some many other things.


Actually not that bad....
By maschal on 2/16/2009 7:11:21 PM , Rating: 2
What a lot of folks don't realize - LANL probably has something on the order of 20-35k computing devices (laptops, desktops, servers, pdas, smartphones, etc.) To lose 70 isn't outside of the government norm.....there are a lot of places that lose that many within their own fences....




By johnfranks999 on 2/18/2009 1:30:36 PM , Rating: 2
Most organizations enjoy “security” insofar as they haven’t been targeted, or had an employee make a human error with catastrophic exposure. Price Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be, basically, clueless regarding IT risk and its tie to overall enterprise (business) risk. Data breaches and thefts are due to a lagging business culture – absent new eCulture, breaches will, and continue to, increase. As CIO, I’m constantly seeking things that work, in hopes that good ideas make their way back to me - check your local library: A book that is required reading is "I.T. WARS: Managing the Business-Technology Weave in the New Millennium." It also helps outside agencies understand your values and practices.
The author, David Scott, has an interview that is a great exposure: www.businessforum.com/DScott_02.html -
The book came to us as a tip from an intern who attended a course at University of Wisconsin, where the book is an MBA text. It has helped us to understand that, while various systems of security are important, no system can overcome laxity, ignorance, or deliberate intent to harm. Necessary is a sustained culture and awareness; an efficient prism through which every activity is viewed from a security perspective prior to action.
In the realm of risk, unmanaged possibilities become probabilities – read the book BEFORE you suffer a bad outcome – or propagate one.




OH NO
By FaceMaster on 2/15/2009 6:25:41 PM , Rating: 1
Think of all that lost porn!




"Game reviewers fought each other to write the most glowing coverage possible for the powerhouse Sony, MS systems. Reviewers flipped coins to see who would review the Nintendo Wii. The losers got stuck with the job." -- Andy Marken



Most Popular ArticlesSmartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
UN Meeting to Tackle Antimicrobial Resistance
September 21, 2016, 9:52 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM







botimage
Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki