Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


VA Secretary Announces New Security Measures



 By: Wayne Rash
2006-06-08
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Secretary of Veterans Affairs James Nicholson announces new security regulations after a hearing before the House Government Reform Committee.

WASHINGTON—Secretary of Veterans Affairs R. James Nicholson on June 8 called for criminal penalties for VA personnel who fail to secure protected personal information.

Nicholson called for the heavier sanctions in an impromptu press conference in the Rayburn House Office building. He was speaking to reporters following a hearing before the House Government Reform Committee where he was questioned about the theft of records containing personal information on over 26 million current or former members of the U.S. military.

In his testimony before the committee, Nicholson recapped the events leading up to the data loss, and explained what he had done once he learned of the problem nearly a month after it was originally reported to police.

"I am outraged at the theft of this data and the fact an employee would put it at risk by taking it home in violation of VA policies," Nicholson said in his statement to the committee.

He also said that he was greatly concerned about the slow response by VA management when the data loss became known.

Resource Library:
Nicholson also announced several major initiatives that would be undertaken by the VA this month. The major effort will take place during the week of June 26, 2006, when every laptop computer in the Department of Veterans Affairs will be required to be returned to IT security personnel for a review to ensure that all security and virus software is current.

At that time, personnel will remove all unauthorized information or software. In addition, Nicholson has ordered that no personal laptops or other computers will be allowed to connect to the VAs VPN or to perform any sort of official business.

In addition to recalling all laptops for their security audits, every VA facility will have a "security stand down" the week of June 26 for Security Awareness Week.

"Managers throughout VA will review information security and reinforce privacy obligations and responsibilities with their staff," Nicholson said.

Click here to listen to Secretary of the Department of Veteran Affairs, R. James Nicholson, speak with reporters outside the House of Representatives.

When asked about his actions following the theft of the VA laptop computer, Nicholson said that he has fired the employee who had the computer stolen.

He said that other personnel actions were also taken. "The acting assistant secretary was let go," Nicholson said, "and the deputy assistant secretary has been let go."

In addition to the firings, he said that he plans to implement even tougher policies. He noted that he expected to see criminal prosecutions stem from the VA data loss.

Committee Chairman Tom Davis (R-Va) expressed concern that the VA data security problems would be used by managers as an excuse to cut back or eliminate the current federal telework programs that let government employees work from home or telework centers in an effort reduce costs and commuting impact.

VA to recall all agency laptops. Click here to read more.

Davis also said he hoped Nicholson would be able to accomplish what hes set out to do.

"This has been a very dysfunctional agency for a long time," Davis told eWEEK in an interview following the committee hearing. "Were going to continue to hold their feet to the fire."

He pointed out that the VA gets a new FISMA (Federal Information Security Management Act) report card out next spring, and he looks forward to seeing that.

Previous FISMA reports have always given the VA a grade of F in security. Davis also said that he just learned that the VA wasnt employing encryption as a part of its security. "Its routine in the private sector," he said.

Nicholson said that he has created a task force to review access by all employees to sensitive data by June 30, and to determine who actually needs access.

He also noted that he expects all agency employees to have completed training in information security and proper handling of sensitive information by that date.

"We are accountable not only to Congress, but also to our nations veterans and our men and women who are wearing the uniform today," Nicholson said.

"It is my pledge to you that I am, and will remain, guided in my leadership of VA by what is best for our veterans."

Also testifying at the June 8 hearing were representatives of the IRS and the Social Security Administration.

Both of those agencies had also reported missing or stolen laptops recently, but the data losses were much smaller.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: VA Secretary Announces New Security Measures
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Wayne Rash
 


x}ks㶲*Q3CO#d[mXLj I)Rl+ /=(ɏsw&-`h F;vv> IM לڔ]Sã}w$wvC2Q-*rz&j9%G jD7R}f]S ׫L|Aშ :#:UG.Qk8 jZ53j5ևԗone0.IA6*VOմlZ P8 P.( &wm<$a} $aX<r'l^b&{Bq05;^7W2 X]ꄽ4-bҷ]pj:TN`UFfn aZ.9rzн;@L*: D=TVw2*-&1Ҿk)u5\`r*j@[6tG,#H>`3qI:V@h ɠæFq/!_Cp`aF +F=Ķ|hG' tq:rˆ_ֽYo׾n =wdFA0Y좖b#6fJۄؼ?0} $"#j9ˁ,ft 2 dþ;Ri_*aR,+CgCrL-gh*s'y|gԚ~+eUes:ʑGAn+p[J^׵Sq:nwڧ]rپi[r - o$&W JDTRBp$" Pc@G$t;/@B otVQ~ASC T$0yY>E郕4`‰EU}$V{"?Zu$uyX6&ZhCA+teP==}m]o;}MN7fI;i 폧׵Vz'^=v??mrO=.iT%53'&1I|[8 YtǷPZ,7/s$dBrZ~DX*,>JAͼ94ogo$cE@- u kKUykA 4+@_x0ND=kcfIr(,eg{j MH5Ŧ]`)eްNS{}̗U/d`(AK/g 5z:]R$y3DDȽ g/3/r.#}th8yWҽTWws iغT09;>].7+De,,Ⱥ s5ͷwfz;\gX?m6'sվEi|lUbyƆƇj9",$uuTSt*t ~^J jExQW_W,@F̶# &S;i0`;}LiMǵ8!9~tDAG66^K tcd>%äpp|w<͇v9SO/TaR֘ZN=H:]6Z\χ`C˖OCƀB랂9׻erom~ɒҾ}a vhq*~S`=w= O} w Gk 6G~[޷l0S8 q0yzODg$@!"-i]NP@Ar6W? -,rr4|?#!bTLZ(6ݞH:wnO-KEscMX*QY,p[/ Pf%)5{~4 cbB|#'"Xr`Y \h+|i)lb V.hiȨPs0=CWV+%EU} H&`*h[rcX^0&1 7RiwDI1?,xP7˰`SPn4WPo>j7A1M-$kg> P^!M;fL ¯NU]-KGthNBUTC_K+8從2MS|,n^ß#>d .z2H(p0ѿyyBbOxW;rKkF*+)˼ܳPӔ S% LzyO).Ez#wLl㔜Ġ;F]S;tOk{'ORd-xhV+mH_T?uRaO,H#o koռy_xui8Hi -BrB`}.,y6GgQ4ӋdJ h҃\{cOEMĝ~K*+GG&,m+Vod~4Ej~Z,<>ki8,@ r; poIJ*6*SXS؝zд\"ҙxGnGzg@>9`3ǟG )a!c$P+}ne0Ԫ-Q -"|@( K ؈lЁ*txb²{6הm!uϥ_ ͧ&v*>1f&6X˦>oٳUQA̫%UXwV~=KJAUcϒbsMD@knV2 &Gm܁kC6fuE3Ʊ4&t%ra9p9& VziHe /ZaǺ CؚyeWySeֆS[!䚻!`TCff:vV*w[;$!UT7wAQ xHkM8vهE1{E[# :07f/|P"8 y}@*&Ojq1 b h bAzqcEOA$VT!RBS?w2_! "LGt&VB[aQT*h*(S$i 5`=w0GYu`~2|͏ef/~Rz6큽ܮ[Ks3/gx/ F0h'0^ɒǖo|V_>]Hk )2)<ڗ`rUTՑG7`sg'k=F&ڇ `DDnЬ 0ԴgsZ-,?Al ޯј D@/eOUWL @(8g܎:z>- (W` 6Z0`ƏQalX[ T}zoB6E׌t0HN{Wlȡ0p_ܷV}uP@" ILԼ*Woᘻ,OQtý?,y6UG3 о N-(MR!G:{Jp qՆaVJ 9dDfaNg• ek&; [)*1<WKU05Vrďtn:Oe*r1#_?M [L4zɖ0'`OO- r uhՂ|ͧ rw\2Z|_/giGu"M."08@dDR3=@7$p5 zS))r*H+ů 3ˁ; _֧.l'Ʊz>J>hG2edQHVz\ 4g2<L.Mo 4y @QZkoZ,+eyPc/ JU-A^Mo6=HT\SGV:<zIc#&a\khivcO]产Z"ZT6 Jx \O Zlm7M Lqa?ͥg7ekX> B5)@u%hrGSYq {a\/}n/$h@^1Mu0@'L{%]M;o\@!Tcj`2L8[ knQ,: aT#CnƝj@iUI+T Z} =2AatA*}'*\DIvSf﩮 Ϛ8_A|f^%5LRiEmT)ߑN\X c ( rQ-ã,z(d2rY+`7&ʠK= j ;! ]DZv|V n&<1wOX\dK!M7F@"'!Z+3,qvë eVqe^?3Z cSwWwv׏ZU}" }M ޟpفd#;?Jn['ݳR>i+6.Z_ su_;n}y@Dмx֍Rq珅%<jԺ}n<   cJ=!o8iu_i9$C `I/ԩ #^?DrAFzRFijqaAa1:*:;_a(kᷘo9?Oů1Ok7tAh[(+tNz4 \2[IN:iݐ!4riQ$M "a.A-H7վi^eԉ(%4 \({6-~G( c`a(1T$-z`eanKlx0f9RLɔ&'.ϓp|Lh+'IZV6X(4%!44QЌObCYB*C7' ҹj\npVPto6_xvImK$cΖ&!ė4 y) |8RB[(5*VZRZ-VVyʏXIzSaJf S/wuOmOǎX{yr?g'q?Iȸt2Ti 'SXrw;ѺB ~ݞC5O4P\/O&7v/:zMf' ǻc Ǯ~'ݻ~wq*A-wK @ƣb`@Ɍ7COz= =#tz=ȥֻ݅q?*~] {~ ]ݣPIݣ;~=Ғ(r۝ZD ܎qw5Q4{qI9.|}?s`\TzH^8؈ڽ]cg[D:*pCMtOyhL 6;x4kr:߃L/G OFxVջ3\@$T`\]w71&P)<A~A< v4){˷x:Z}in3d⫆܆~@F' ZYOXW+O"?'qFԱQo*o_O6oN{cA|3 e\1kp௩7/7__B !]sh3[aGɨ0^>="s(u߂Kd[OgFN- y6u2kjTR~a.Zş8?z9+ֻם?Bt>.)= @#rB.ؼ^ѧ r`j[1P3N,o\fcGO]=iʾTv%z>RGdLڭoZEƹKϣZ_Xz(u1ߵ,q5'0|oUv?82<֟b'w% wEߋsBlxd5i2Pq <:Ѿ ) \;]1(poGZ?mE٣NljEYP1L~mdBfmKHݩh z#Y=\5M+w17-yT%)y_C##Xm`L*_fl2I"a\֍Y I 5@FRĢ;gx6v+`>"a.  Fȋ`gZ!!AUlWԻ}:>պ/ĐYnuֈv6V`s1בLDz/f#'~s~s~s~sLUmWndܺ`#ՀYӄʜؖI1ao= oV~WV-ʷj,U%\'G_Ҝx1uz:ϫ'눎>-@pg 8wOnV|}bfEwDH} S<`(V^ iQ$B" HCBkG<%!6GA}W#0m"xܾW.p&7#4jQ~3&&zG8 `+DS63W]1^J+Pв%VZ^`E@ != I9[T܅%#꺦>˦%j#n`ޞdIjmwIbKPe*=x??7d6uBl0FV´笃As{%AYQ_\o^lw*G7=_ b M$%?<)1;mO-!po2!_(-Woi^$FD+SnzyT{Z3h~w dV&6.{M_r&`ljVUEQzZO&0m-mYޣc.${UʲmZZ$&˲jX>x<݃y{©Yj|ubE$tF87?җ,+☱fniO%SyfI4P7DГ 5.$4޵w |O_/Em/sy`2&晫AܓatWb6Y|gjw OQ4b.f# aL7:#wOxqST5L%o(r[=XHq})6#Ӣ=F(KLr|4Ґts'u8xJ]yDZ'Tݦ!e q̒~fSx/f f4}Su&P[z鏉+H#? K@)`G%|B~x[ww»QOAs副}eu-~("Bx8j s{w{[$]O"0"l~4uP]RSW-Zoˉ[+W3rh!@ ,%9n,"xa C/yu%.ϙy p#(iL򃃹"텡6ǜMEfAWYT9^,U}u9b?=GutNj-biA.c2·Y1a*B UNz ytBu0*R!ѤFLV5-F55R9}jZbfچX50\Vz^3vX5ĮZVںfqwzRKo^=E'inVu&z}[w#On@OGp'찔?1W5d(.1J#[ `65\OR.g@%[6\ 0!4)lW-TP+(%\NB;xiuIS PxxX B{OO~GOn +cm4XmsvAeB<~ڕ{{n/1~݈++ٱK3=Od H Wkm2R)5)?S\mD νNbe#/V7S#=bXYrR~<.^ahKZI<+ Nc1q< @gLwtc@$ 5,k`\oadxdÍ=-xf''&`r&f&3ZIB=XB<_7)<1_*J@(fYir' o.'Vv/>VHUoh]2<W=W|)]R 4V|~}^MMLSxC7+({ʞޓ_q;~m@!"r? Ia:$.+JAW1^N- [zpe\ 3cuh cr*g?DpVБ`%A1HcvQk~(Jխ c^ TpbȆd5B&t8%7>|?_w:iy`nOKZŒ 5" d, KZPi cזcSd-?׿Ŝv늱1rsT-uB@a=Q#3(+y/D"t]\P"@H>S|XP؟e IHb*u~6`6q}``EP00a|LaP{OPn 0Y:vN*' D_=PgA~¾\b@Ԕ0(V$!Ѕ8i,)@"!9͉V1+a]?Y/#~|a{P\  +z+U'I]UiO)p!xW`ǪZJWv^ϧx2n?4!W)WPh r#vFCd2=cBqz،PݑfquuI^7s|ݺڗy޾O֒_n՝ɗ՗euO-L(_s}iP4eJE)SS9mk,% y*w"_}#ه^V՟p3jlcinuW;y}8]5>6Cg:'[5}o':RNw ߽,R tAc,>N(NBhعkjYr&-\ʠaC7aoYb J;c`\;o=2gji }fy0\9 h `z4}z<8J)g,#[LotO:\dL$pgB͛Ktޭ@eD˪U&a>ژ# pa jϗ=;n%cD$Q#ErlyOȼ!F0BNX0 8[]^L:O~*K<rp1 }Ն`Z]xS#i^rq5b ̸.[)d~^j]6bRFՍ3㣍A=0FFӴFo"9݌ ţ2aў(Yc{XnDh/!ݞSWZu;ݩ)a4<T#0?f FsX00wYW.Ar" /T3l}Gۉcɤ Id|1+C_Kwi =yF˟4.a&v_Ϙs˙>9@p79|0CDa0?K*_yl x$Qh/!I';'y w;'ƮDޞ)a%NABWd' A'|NbOh)23Up& i#:4!z"#½_ r:'쭰F |m+n]1RNFٍۺ"מ  Oւ)w~Y~l+>DыpaHzBXϑ/,Mav /gY{q}UR=I*4eMfμِ{j鱽$Vr.Q =@U7VAg3SY,> V_dvO~5B+π 8H2Gd!᳤c"9(#.X&">m?'6}Fu;I"@[:SAW Cr  ]{>wKu!AY=_vs[ m73Tt` GYe`+r k5-E6܋;ξV ^f#s,ƫ lI12ePCik9Z 0DqU XâWqTR:!; /D?8- ci, ;dcXJg,oN*)Asa#El [Ap^7fWm3S<"Y4/dL x%L+DdzU\Z ^chX$֬="KL0GN= `5>gvC{%=\s*&tȵa=u1X׷u㎗5?}n<Š6Ҍ%!괯Oi B"Ew89i]~LVzv`ݯoS g