Sharky

Shark Tank

Shark Tank: The perfect way to start the day

This pilot fish works at a research lab on a military base where there have been problems with "CMIs" -- incidents where messages containing classified information are sent on an unclassified network.

"Because of some screw-ups by the users, the high-ranking folks decided to have the log-on scripts once a week throw a pop-up that mentions the process for reporting a CMI," says fish. "When a classified e-mail is sent on an unclassified network, recipients lose their PCs for a few days and the techs have to drop everything to wipe the box."

But there are problems with the pop-up message, starting the first day it appears. First problem: The message disappears after about a minute, and even though it's only a six-line message, that's not enough time for some users to read it all the way through.

Second problem: Many users immediately close the pop-up window as soon as they glimpse the dreaded letters "CMI."

"The message didn't have huge, blinking letters screaming 'THIS IS JUST INFORMATION!' that our reading-challenged users so desperately need," fish says. "So the early birds started calling the help desk about it, fearing they had a CMI."

Then comes a larger problem: Just as most of the users are arriving for work that first day the pop-up appears, the military base's proxy server dies.

And the help desk techs are all in a regularly scheduled weekly meeting.

"So the users logged on, got a message that mentioned the feared CMI and disappeared too quickly, and then they couldn't get on the Web," reports fish. "And when they called the help desk, they got a message saying all operators were currently busy.

"We had 28 voice mails after a 30-minute meeting, and I'm guessing two out of three didn't bother leaving a voice mail. Some of the users crawled under their desks and pulled the network cable from their PCs, just to be safe!"

Submit your own true tales of IT life to sharky@computerworld.com. If Sharky uses it, you'll snag a snazzy Shark Tank shirt! You can also add comments by using the form at the bottom of this page.


What People Are Saying

It's nice to see so many SME's. It goes to show that there was no real security breach at Los Alamos, RIGHT.

Welcome to the world of classified data handling... There are clearly defined regulations for dealing with "contamination" events - it's not like support just does whatever they please. You report incidents, you follow the regs, you do what you have to when you work in an environment like that. Better than sitting in a cell talking to your lawyer. I don't see any comments about people doing lousy or slow support work... and gosh, don't think they monitor network traffic in classified installations?

What is this stuff? Why does any entity think it's okay to do lousy or slow support work when a classification or handling error occurs? You are IT support; not IT judge, jury and procrastinator. Scrub, sanitize, and purge the mistake and get out of the way. If you can find the class'd data, you can search to see if it migrated anywhere else. And what's this about 'monitored' network traffic? If the monitors have security classifications cleared to 'know' controlled sensitive data, why are they doing the busy-work of sniffing through other people's mail? I think all y'all that have clearance are piling on a thick layer of overwhelming offal so the rest of us that do work can't smell through the cycle of nothingness that you perpetuate.

I've been in that kind of environment too -- air-gapped networks for different classification levels. When incidents occurred, it was usually one of two things. Either someone had gotten careless and entered classified info on an unclassified network, or work that had originally been unclassified was later classified. (That's no surprise either; some material is only classified in aggregate, even if it's aggregated from individually unclassified pieces.) When we did incident recoveries, we tried our best to make them painless and non-punitive to innocent victims. We didn't try to make life difficult for those who had made mistakes, but frankly you want them to have a little inconvenience because it will make them more careful next time. Fortunately, most people there understood and respected the need for security, even if they saw some of the security restrictions as a nuisance.

Where I used to work we had a once a year security review and everyone had to attend. It was given over a week so all could & nites for some others. If you did not attend, then your logon was suspended after another week of time given you to "make-up" the class. When your logon was suspended, you had to attend a class b4 your logon was reopened. This could be done on a 1/2 year basis instead for higher classifications and could prevent the dreaded "loss" because someone else sent you a msg (better enforcement or better trained user). File the p/w with their personnel record or keep a separate file for this reason.

When I first started reading today's Sharky I thought it was about my work place. I also work in a military installation and have a similar setup and situations. We have several networks at varying levels of classification. Some are completely air gapped from others including the Internet. However, every once in a while a user may compose a document containing sensitive (i.e. classified) information on a network not cleared for that level of information and in some cases they transmit it via email to other users. We also remove and scrub the information from every location that we are aware of and this may result in a user's PC being removed. However, the removal is not a punishment to the recipient but rather something that has to be done in order to remove the data. In our environment no data is supposed to be saved locally, all is saved to network drives, so a loss/replacement of a PC does not cause a great inconvenience. Over the years users have learned not to save anything locally since swapping out hard drives or whole PCs is also our method of repairing or upgrading PCs. As for the comment about users not reporting the fact the classified material is improperly placed on the network, we rarely come across it. Our users know that the network is monitored and that someone is likely to come across the information and report it, especially email. Nothing is done to innocent recipients of classified data but failure to report such an incident can result in harsh punishment including criminal charges.

I think the security at military bases is just fine. It's real easy for me to get in and out so please don't change anything right now.

This is why separate systems/networks are necessary. I kept our classified PC physically separate, with a two-person controlled removable hard drive. The main problem is users who become so complacent that they no longer pay attention to how sensitive data they're putting out is. Any of my people doing something like this would have had more to worry about than just losing use of their workstation for a while!

-Retired Sarge

If people know that a "CMI" (Controlled Material Incident?) results in a wipe of their PC, I'd suspect that folks have started keeping copies of their stuff off-line so they are not inconvenienced by losing their PC for days.

When I was on Subs in the Navy we had all kinds of classified top-secret stuff going on. Yet, the base wasn't even close to secured that heavily. If you came in the front gates before 6pm you weren't challenged. Then, after 6pm, the back gates (which lead to the Subs parked at the docks) stopped being guarded because they figured the front gates would stop any traffic. I always wondered how serious they were about protecting the boats. That practice changed after it was brought up a few times and now both gates are guarded heavily at all times - presumably after 9/11.
But this leads me to network security...How concerned do you think they were before the internet became such a big boom? I.T. security is a moving target at all times. You have to be extra paranoid that information will leak out! I also wonder at the large numbers of recruits that come in, stay only the four or five years, and then leave. Hundreds of thousands. You gotta assume someone with information is going to talk at some point. It's difficult to nail down ALL possibilities so it makes me a little more comfortable knowing they are Trying to take steps. Please don't assume that even the most advanced government in the world can keep things patched up perfectly.

Go-Go-Gadget KillDisk!!