Gartner slams government security guidelines

Powered by SC Magazine
 

Nothing but a PR stunt, claims analyst.

Analyst firm Gartner has dismissed a tightening of security rules for US government agencies as a mere "public relations response" to recent high-profile incidents.

During a burglary in May, thieves stole a laptop containing confidential information on 26.5 million veterans and military personal from the home of an employee for the Veterans Authority.

The laptop was recovered in June and it is claimed that the data was not accessed.

Also in May, a recruiter for the Internal Revenue Service lost a laptop with information on 291 of the service's workers and job applicants. In both cases the data was not encrypted.

The US Office of Management and Budget issued a memorandum last week requiring federal government agencies to report "all security incidents" to the US Computer Emergency Readiness Team within one hour of discovery.

Agencies were previously required to report only unauthorised access to data within one hour. The rules allowed for up to a week to report "improper usage incidents" such as storing unencrypted data laptops or home computers.

But Gartner concluded that the new measures will only prevent embarrassing media reports surfacing before the authorities have been informed.

"Gartner believes that 'improper usage' is not defined clearly enough as it relates to personal information, and that either the Office of Management and Budget or National Institute of Standards and Technology should issue more specific guidance in this area," said Gartner analysts John Pescator and Jay Heiser.

"Increased and faster reporting will lead to little more than accurate and timely statistics unless incident response processes in government are drastically improved."

Copyright ©v3.co.uk


Gartner slams government security guidelines
 
 
 
Top Stories
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
ATO investigates 25 tech giants in tax hunt
Prepared to take tax evaders to court.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3052

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 970

Vote