Technology news and Jobs 
Information Technology News The Science of National Insecurity at the Los Alamos Lab
Information Technology News The Science of National Insecurity at the Los Alamos Lab | The Science of National Insecurity at the Los Alamos Lab |
|
| by Davey Winder | |
| Sunday, 28 September 2008 | |
|
Page 1 of 2   
There are times when, working as an observer of all things IT security, my mood goes beyond one of despair and starts to creep slowly towards wide-eyed, slack-jawed, out and out fear. Featured Whitepaper
5 Best Practices for Smartphone Support
So imagine my dismay, and the state of my pants, when I read that the Government Accountability Office had reported a number of security weaknesses regarding the already in-the-security-doghouse Los Alamos National Laboratory. Los Alamos (operated by the National Nuclear Security Administration) just happens to flag itself, rather ironically if you ask me, as the home of National Security Science. Perhaps that should change to read National Insecurity Science now? Especially when you consider what goes on at Los Alamos. I will allow the Labs to speak for themselves, as stated in the 'about us' section of its website: "Los Alamos National Laboratory is a premier national security research institution, delivering scientific and engineering solutions for the nation's most crucial and complex problems. Our primary responsibility is ensuring the safety, security, and reliability of the nation's nuclear deterrent." The blurb continues: "The Los Alamos of today emphasizes worker safety, effective operational safeguards & security, and environmental stewardship, while outstanding science remains the foundation of the Laboratory." Are your pants damp yet? Give it time, maybe after you learn more about that GAO report and its findings. The report confirms that the Los Alamos National Laboratory "has experienced security lapses protecting information on its unclassified computer network" in the past which contains "sensitive information." GAO assessed the effectiveness of the security measures implemented to protect this information. In order to do this, GAO examined security policies and procedures as well as reviewing the laboratory's access controls for protecting information on the unclassified network. It concluded that "weaknesses remain in protecting the confidentiality, integrity, and availability of information on its unclassified network" and said of the network security system to detect potential intrusions that it had "found vulnerabilities in several critical areas." These included: identifying and authenticating users, encrypting sensitive information, and monitoring and auditing compliance with security policies. What other insecurities did the GAO report uncover, and what are its recommendations to rectify matters? Perhaps most importantly, have my pants dried out at all? Find out on page 2... CONTINUES |
| < Next story in category | Previous story in the category > |
|---|
