Michael R. Farnum

Hitting the Security Nerve

Clear Program = Clear Text

TAGS:Clear program, hard drive encryption, laptop stolen, sensitive information
IT TOPICS:Security

The TSA is a little miffed, and I am sure a few other people are as well. Why? Because Verified Identity Pass, Inc. had a laptop go missing that contained the sensitive information of 33,000 applicants for the Clear program. If you don't know about Clear, it is basically a program that performs a security pre-screen of applicants and gives them a "high-tech card" (their words) to get through airport security faster. So you can imagine what kind of information was on this laptop.

According to the article, the "TSA has suspended new enrollments in the program" until "all affected applicants" have been notified and Verified Identity Pass "has installed encryption on all its computers".

Now, I am sorry, but the question has to be asked. Yes, the same question that has been asked for the last 2-3 years that this has been happening on a fairly frequent basis. WHY WASN'T THE LAPTOP ENCRYPTED?!?! Sorry for the shouting, but sheesh, golly, gee-wiz, and holy crap, Batman! This is ridiculous!

And want something a little more ironical? Look at this excerpt from their privacy policy:

3. INFORMATION SECURITY

Clear and its subcontractors, pursuant to legal agreements, have a comprehensive information security program to ensure the privacy of Clear applicants and members as well as the integrity of our systems. We apply ID's and passwords to insure that access to systems and data is only on a need-to-know basis. We use encryption (a strong data coding process) for all program sensitive data communications. We apply firewalls to guard against outside intruders. We conduct periodic data security audits to check that the rules are being followed. TSA also conducts periodic audits to assure that we comply with their extremely high standards of data security. We have a continuous update process for Anti Virus protection and implement Operating Systems Security updates for our network infrastructure. (EMPHASIS ADDED)

Oops... Here's another one, straight from their CEO:

Second, we think we have a special responsibility to protect your privacy. Yes, we are using biometric identifiers such as fingerprints and iris images. Yes, your enrollment application will be submitted to the government for a basic security threat assessment before we can issue you a Clear card. But we do not believe the process and the questions stop there. We know that this kind of new idea and new process is bound to make many people uneasy about what we are doing with their personal information, especially at a time when every day seems to bring new headlines about identity theft. (EMPHASIS ADDED)

HAHAHA!!!!! Headlines... you're in 'em. Sorry, couldn't resist.

UPDATE: The laptop was found in their offices. Looks like it was just lost, even though they are still investigating to make sure it wasn't stolen.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Can 42 cops speak for all 730,000 to increase police state surveillance?

EFF fights forced file decryption with Fifth, for Fricosu

Encrypted external hard drives

Review: encrypted hard drive, unlocked by fingerprint

Today's Top Stories

Essential browser tools for Web developers

Hands on: The new iPad

Microsoft cuts the prices of some Office 365 plans

Google works to overhaul its search

Mozilla will start Firefox silent updates in June

Preston Gralla: Big backlash is building against Windows 8. Will Microsoft listen?

Hot Posts

Google wins again vs. Oracle: No patent probs.

Posted by IT Blogwatch |

Apple iPhone 5 -- fresh reports claim 4-inch display

Posted by Jonny Evans |

London's flying cameras spy shoelaces nearly a mile away; Will drones in the USA?

Posted by Darlene Storm |

Free Insider Guide

Excel 2010 Cheat Sheet: Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Security White Papers

2011 FFIEC Authentication Guidance: A New Standard For Online Banking Security: This whitepaper provides an overview of the updated Guidance and the threat landscape which helped define it, examines why previous security measures are...
Backup & Recovery for VMware Environments with Avamar 6.0: This paper highlights several new features within EMC Avamar 6.0 that specifically target and advance the capabilities and performance of VMware data protection.
Driving Security in a Hybrid Cloud Environment: This paper examines recent IDG research among IT leaders, who share their concerns and strategies in addressing security in cloud computing environments.

Security Webcasts

Operational Decision Management for Improving Governance, Risk and Compliance: How to rapidly adapt automated decisions to ever changing market and regulatory environments: Date: Monday, September 26, 2011, 11:00 AM EDT

In this webcast you'll learn how your organization can become more responsive to financial market challenges...
Kill the Laptop! Its Corporate Days Are Numbered: "Kill the Laptop" - The evolution of chips, computing power, connection speed, and the cloud is leading to the fall of laptops and...
The Top Ten Secrets to Avoiding SAN Performance Problems: Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...

IT Newsletters

Get the latest technology news and analysis on critical issues in the enterprise.

Clear Program = Clear Text

Related Posts

Today's Top Stories

Hot Posts

Michael R. Farnum's Archive

IT Topics