/* */

21 May 2007

Document security in the contemporary information environment

We need not continue to berate the issues of lack of technological investment and familiarity which have allowed so many recent inadvertent and unauthorized disclosures, damaging to national security and national prestige. In this, the infamous Sgrena investigation report is by far the best case example one could highlight for the lack of effective information management procedures (which resulted in work arounds which were neither effective in coordinating sharing between entities, nor protected information which needed to be secured.)

Thus, we winced when open media reporting brought to light what was described as another potential example from the Iraq theatre of operations, this time from the (much older) Coalition Provisional Authority reporting. However, upon further examination there is (thankfully) less there than meets the media's eye, as is discussed by Lamplighter.

But it will never cease to amaze us that in this day in age, a full decade and more since the widespread adoption of secure communications technologies built on commercial platforms, that there are still those in the community that have not mastered the basic and essential everyday sanitation procedures to keep their systems (and their service records) clean. The CPA documents case is instructive, not because of what was compromised, but due to its very graphic illustration of how many politically motivated individuals are out there looking to exploit any lapses for their own gain – and how many others are out there willing to pick up and repeat any allegation as long as it contains the magic words and classification markings.

Be thou warned.

h/t Instapundit

Labels: , ,