Randi Greenberg: The security minder
A conscientious information security manager for the Homeland Security Department’s US-VISIT program insists that higher-ups listen to her on security matters
Randi Greenberg, information systems security manager for the Homeland Security Department’s U.S. Visitor and Immigrant Status Indicator Technology program, has the task of securing information collected for the program. That is no small order. Other DHS bureaus — such as Immigration and Customs Enforcement, Customs and Border Protection, and Citizenship and Immigration Services — contribute information to US-VISIT.
Trying to integrate information security across different agencies in different locations is challenging, Greenberg said. She must also coordinate information security with components outside DHS, such as the FBI, which maintains a fingerprint database, for example.
Greenberg was instrumental in that integration process as a contractor about two years ago. She is now responsible for maintaining the information security structure that she helped establish.
One of her biggest initial challenges was trying to standardize everything from technologies to policies, she said.
“We’re all DHS, so we should all follow the same policy,” Greenberg said. Trying to consolidate policies was among the biggest challenges, she said.
“It was trying to achieve my mission and trying to get everyone to agree on how to do it,” Greenberg said. “People have their opinions — be it old school or new school — on how it should be done.”
Greenberg is also responsible for various technology proof-of-concept programs for border entry, such as trials for testing the usefulness of mobile devices and radio frequency identification technology.
“There’s another project that we just did: the interim data-sharing model,” she said. It is a first step in a long-range plan to merge DHS’ biometric database with the FBI’s fingerprint database, she said.
Some of Greenberg’s other accomplishments are management achievements. Scott Hastings, who recently announced his resignation as the chief information officer for US-VISIT, said Greenberg argued persuasively to require passwords on all Research in Motion BlackBerry devices distributed to US-VISIT employees. The reason for that requirement was to ensure that the agency didn’t lose important data. Greenberg had the unenviable task of telling everyone, including the program’s directors, that they needed to sacrifice convenience for the sake of better security.
The initial reaction was negative. But Greenberg personally ran a tutorial to help the staff and executives understand the reason for the requirement. Hastings said he received letters complimenting his staff.
The BlackBerry story is indicative of her approach to all assignments, said Hastings, who praised her “firmness tempered with [a] grace that is exemplary.”
Greenberg laughed at hearing herself described that way. She said she believes in the importance of information security.
“Everybody is responsible for user security from the user to the director, whether they’re above me or below me,” she said.