http://www.gcn.com/print/26_09/43568-1.html By Patrick Marshall GCN Staff 04/30/2007 issue You don’t miss the water until your well runs dry. And when millions of BlackBerrys lost their e-mail capability April 17, it suddenly became clear how dependent many people in federal agencies and departments have become on the devices. “Certainly, the senior folks in the agency view them essentially as an extension of their bodies,” Corey Booth, chief information officer of the Securities and Exchange Commission, told Government Computer News. And when the e-mail service went out, Booth said dryly, “it was certainly a source of complaint.” At first, Research in Motion offered few details of why the service was down. Only two days later did the company explain the outage, chalking it up to insufficient testing of new caching software in its network operations center (NOC) in Canada. One factor that made the outage more widespread than it otherwise might have been is the BlackBerry system’s highly centralized message routing. All e-mails are routed though one of two NOCs — one in Canada serving the Western Hemisphere and one in England serving Europe, Africa and the Middle East. Booth said agencies and departments would be well-advised to plan on future failures. “The thing that everyone has to understand is that there are very few forms of technology, particularly of communications technology, that are foolproof,” Booth said. “You can have a RIM-related failure, you can have a telephone company-related failure, you can have a failure within our e-mail system, you can have a failure at any of the gateways between those various systems. There are a lot of places where problems can occur.” That’s why it’s critical for staff to have a Plan B. “Plan B can be pretty simple,” Booth said. “It can be just carrying around peoples’ cell phone numbers. Plan B can be knowing how to log in to your e-mail from home. There are lots of things that people can do that are in the category of somewhat inconvenient but workable workarounds.” Some analysts have also voiced concerns about the security and reliability of a system that depends on such a centralized architecture. And, particularly for federal agencies and departments, there may be concerns about routing e-mails through NOCs that reside in a foreign country. “If the software vendor can be forced to cooperate with government agencies, the possibility exists that the wireless e-mail software could include hidden eavesdropping capabilities in accordance with governments or intelligence agencies for various purposes,” a recent Gartner report states. For that reason, some governments — including France, Germany, Great Britain and the Netherlands — have opted not to rely on such systems. However, Booth said, not all federal agencies need to be concerned. “I’m not arrogant enough to believe that our business [at SEC] is so mission-critical that we would be unable to perform our mission without having two NOCs owned by RIM,” he said. On the other hand, “if we were, say, a first-response agency of some kind — like a FEMA or a DOD — I might have some concern.” RIM’s response to the outage is not likely to put concerned minds at ease. Apart from its brief statement citing the software glitch as the culprit, the company has been quiet on the issue. A week after the incident, no mention of the outage or its cause had been posted on the company’s Web site nor had RIM responded to a request for an interview. __________________________ Subscribe to InfoSec News http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Tue May 01 2007 - 02:30:59 PDT