http://www.fcw.com/article97898-03-12-07-Web By Wade-Hahn Chan March 12, 2007 The Lawrence Livermore National Laboratory in California may not be wiping sensitive information from excess computers it disposes of, according to a report [1] released by the Energy Departments inspector generals office. The national security research lab has been slow to adopt departmentwide policies for wiping information from unneeded computers before donating or selling them, a process known as excessing, the report states. Hard drives and other memory devices on excess machines must be wiped clean or physically destroyed, according to DOE policy. The National Nuclear Security Administration (NNSA) which oversees the lab dragged its feet in implementing the policy at the lab, the IG said, and as of this month, still hasnt fully implemented it. The lab excesses about 5,300 computers annually. Lawrence Livermore has its own agencywide policy for excessing computers, but the report states that it doesnt fully align with DOEs. Lab officials did not check computers for embedded memory devices, didnt test hard drives reused by the lab for sanitization and failed to provide adequate documentation of wiped memory devices. Despite the number of problems that we and others have identified over the years with the departments efforts to appropriate excess computers and other electronic memory devices, major department elements, including the NNSA, did not timely implement department policy, said DOE Inspector General Gregory Friedman, in a memo attached to the report. The IG wrote that lab managers did not agree or disagree with the report but said that certain corrective actions have been or will be initiated. In January, Energy Secretary Samuel Bodman fired the NNSA chief following serious security breaches at several national laboratories and the discovery of a hard drive with classified information at a former employee's home. [1] http://www.ig.energy.gov/documents/IG-0759_.pdf _________________________________________ Visit the InfoSec News Security Bookstore http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Mon Mar 12 2007 - 22:47:42 PST