FCWInsider

Blog archive

More encrypted data storage ahead for feds?

Castle Muiderslot, Holland

Castle Muiderslot in Muiden, Holland, and its moat. (Stock image)

It takes more than a moat to protect a castle, especially if it's made of data.

That's according to Mark Day, acting deputy assistant commissioner of Integrated Technology Services at GSA, who voiced a few interesting sound bites at an Aug. 22 IT procurement forum.

Day, fielding a question about cyber-security at the Lowering the Cost of Government with IT Summit in Washington, D.C., said current cyber efforts are not enough to protect sensitive data across the government.  He suggested all such data be encrypted unless it is in use.

Day referenced Army Pvt. Manning, recently sentenced to 35 years in prison for leaking classified documents to Wikileaks, and Edward Snowden, the National Security Agency contractor who divulged classified surveillance secrets to the Guardian and Washington Post newspapers. Both, he noted, were insiders – people against whom the large "moat" of on-premise cyber-security does little to defend.

"Insider threats have always been and will always be one of our primary issues – can you spell Snowden or Manning?" Day said. "If the moat didn't work, let's look at new models beyond the moat and a stack of paper."

Day questioned why data was ever unencrypted "except when it is used on screen," suggesting it be encrypted at all other times, including when it is essentially "at rest." He hinted there would be problems in such a scenario, though he did not divulge what they would be.

Ultimately, Day said existing cyber-security measures may help keep out the bad guys, but only if those bad guys aren't your guys.

"We're doing a lot of work to build moats," Day said.

And the moats aren't working.

Posted by Frank Konkel on Aug 23, 2013 at 11:36 AM


Featured

  • People
    Dr. Ronny Jackson briefs the press on President Trump

    Uncertainty at VA after nominee withdraws

    With White House physician Adm. Ronny Jackson's withdrawal, VA watchers are wondering what's next for the agency and its planned $16 billion health IT modernization project.

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.