[ISN] N.S.A. Leak Puts Focus on System Administrators

http://www.nytimes.com/2013/06/24/technology/nsa-leak-puts-focus-on-system-administrators.html By Christopher Drew and Somini Sengupta The New York Times June 23, 2013 Edward J. Snowden, the former National Security Agency contractor who leaked details about American surveillance, personifies a debate at the heart of technology systems in government and industry: can the I.T. staff be trusted? As the N.S.A., some companies and the city of San Francisco have learned, information technology administrators, who are vital to keeping the system running and often have access to everything, are in the perfect position if they want to leak sensitive information or blackmail higher-level officials. “The difficulty comes in an environment where computer networks need to work all the time,” said Christopher P. Simkins, a former Justice Department lawyer whose firm advises companies, including military contractors, on insider threats. The director of the N.S.A., Gen. Keith B. Alexander, acknowledged the problem in a television interview on Sunday and said his agency would institute “a two-man rule” that would limit the ability of each of its 1,000 system administrators to gain unfettered access to the entire system. The rule, which would require a second check on each attempt to access sensitive information, is already in place in some intelligence agencies. It is a concept borrowed from the field of cryptography, where, in effect, two sets of keys are required to unlock a safe. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail