By now everyone has heard the news about the security data breach at the National Security Agency.
So frustrating right?!
If only the NSA were using secRMM’s “Enforceable two man policy”, Snowden would have not been able to copy data without another human involved.
Below is a hyperlink to an article discussing the security breach. Below the hyperlink, we extracted key excerpts from the article. Each comment could have been addressed by secRMM.
As a system administrator, Snowden was allowed to look at any file he wanted, and his actions were largely unaudited. “At certain levels, you are the audit,” said an intelligence official.
He was also able to access NSAnet, the agency’s intranet, without leaving any signature, said a person briefed on the postmortem of Snowden’s theft. He was essentially a “ghost user,” said the source, making it difficult to trace when he signed on or what files he accessed.
The “thin client” system and system administrator job description also provided Snowden with a possible cover for using thumb drives.
Finally, Snowden’s physical location worked to his advantage. In a contractor’s office 5,000 miles and six time zones from headquarters, he was free from prying eyes. Much of his workday occurred after the masses at Ft. Meade had already gone home for dinner. Had he been in Maryland, someone who couldn’t audit his activities electronically still might have noticed his use of thumb drives.
A free two week trial of secRMM is available at Squadra Technologies.