OMB asks agencies to double-check file sharing risks

OMB Memo on P2P Risks, 2004

Related Links

Prompted by growing concerns about the security risks posed by file-sharing programs, the Office of Management and Budget has asked agencies to review the controls they have in place to manage the technology.

OMB is particularly concerned about potential risks associated with having teleworkers who are processing information remotely, according to a July 24 memo obtained by Federal Computer Week.

The memo directs chief information officers to provide OMB with a brief e-mail message describing their existing configurations and controls for securing the telework environment. The e-mail message should also highlight any weaknesses found in their agencywide review and identify any steps needed to mitigate file-sharing risks.

OMB also asks that agencies incorporate new efforts into their Plan of Action and Milestones, which agencies file under the Federal Information Security Management Act. The memo referred to a September 2004 memo on “Personal Use Polices and ‘File Sharing’ Technology” for background on how agencies should protect against risks from unauthorized file sharing, specifically those caused by peer to peer networks (P2P.)

The potential risk of teleworkers sharing government files via P2P networks, which allow users to share files directly between computers, has lawmakers worried as well. Last week, experts and government executives testified that sensitive government information such as network diagrams, employee lists, security clearances and studies on the security of major U.S. cities are all available and actively being sought via P2P networks at House Oversight and Government Reform Committee hearing.

Experts caution that even experienced information technology professionals risk accidentally divulging data through the programs that automatically search hard drives and make downloaded files available for sharing.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.