http://www.nytimes.com/2013/06/24/technology/nsa-leak-puts-focus-on-system-administrators.html
By Christopher Drew and Somini Sengupta
The New York Times
June 23, 2013
Edward J. Snowden, the former National Security Agency contractor who
leaked details about American surveillance, personifies a debate at the
heart of technology systems in government and industry: can the I.T. staff
be trusted?
As the N.S.A., some companies and the city of San Francisco have learned,
information technology administrators, who are vital to keeping the system
running and often have access to everything, are in the perfect position
if they want to leak sensitive information or blackmail higher-level
officials.
“The difficulty comes in an environment where computer networks need to
work all the time,” said Christopher P. Simkins, a former Justice
Department lawyer whose firm advises companies, including military
contractors, on insider threats.
The director of the N.S.A., Gen. Keith B. Alexander, acknowledged the
problem in a television interview on Sunday and said his agency would
institute “a two-man rule” that would limit the ability of each of its
1,000 system administrators to gain unfettered access to the entire
system. The rule, which would require a second check on each attempt to
access sensitive information, is already in place in some intelligence
agencies. It is a concept borrowed from the field of cryptography, where,
in effect, two sets of keys are required to unlock a safe.
[...]
_______________________________________________
ISN mailing list
[email protected]
http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org
