I was reading the source document in: DHS Bridging Siloed Databases [Comments?] when I encountered a possible reason for the Snowden security breach.
Records in this system are stored electronically in secure facilities in a locked drawer behind a locked door. The records may be stored on magnetic disc, tape, or digital media.
You might want to read that again:
Records in this system are stored electronically in secure facilities in a locked drawer behind a locked door. The records may be stored on magnetic disc, tape, or digital media.
Something about storing records electronically “…in a locked drawer behind a locked door” tips me off to the writer not having a clear idea about computer security.
Here is one document that has this language:
Which covered:
CATEGORIES OF RECORDS IN THE SYSTEM: (1) Motor Vehicle Accident Reports. (2) Parking Permits. (3) Distribution lists of individuals requesting various Treasury publications. (4) Treasury Credentials.
And it reads:
Records in this system are stored electronically or on paper in secure facilities in a locked drawer behind a locked door. (emphasis added)
For paper records, ok. For electronic records, not so hot.
I’m not real sure what “a locked drawer behind a locked door” would mean for electronic records. Assuming anyone wanted to use or search the records. Maybe you could put them on a thumb-drive. ;-)`
Update: One of my regulars correspondents will accuse me of being obscure: Why Computer Security Fails? Ignorance. It’s just that simple.