Posted by: Bcournoyer
Network and application security
Two news items today show, once again, that the problem of data breaches in government isn’t going away any time soon.
First, the Associated Press reports the U.S. military has posted sensitive information — including schematics of a detainee holding cell in Baghdad and plans for a new fuel farm in Afghanistan — on its servers, where anyone on the Internet can access it. The AP raises the concern that foreign intelligence agencies and terrorists could use the information to find security vulnerabilities or attack troops.
Closer to home, in Ohio, the governor said yesterday that a computer storage device stolen from an intern’s unlocked car last month contained the names and Social Security Numbers of 859,800 taxpayers — more than twice as many as previously reported.
Both stories reinforce the point that human error and the lack of clear data-protection policies contribute to government data breaches as much as, if not more than, technological deficiencies. And it’s incidents like these that will drive the federal government alone to increase its IT security spending from $6 billion this year to $7.4 billion by 2012, according to Input, a government analyst firm.
In the SearchSecurityChannel.com story, “Government security breaches bring work to channel,” analysts and systems integrators talk about the products and services the channel can provide to address the government’s security concerns. And “Data theft creates a rich product, service market for security VARs” shows how to address the similar concerns of private-sector clients.