[ISN] The Longest Yard and a Half

From: InfoSec News <alerts_at_private>
Date: Thu, 27 Aug 2009 03:33:15 -0500 (CDT)
http://thedailywtf.com/Articles/The-Longest-Yard-and-a-Half.aspx

By Jake Vinson  
in Feature Articles  
2009-08-13 

Owein R. knew that security at the government facility was going to be a 
big deal, but it wasn't clear how big a deal it was going to be until he 
started his job.

To get anywhere in the facility, you needed a pass, and these were 
granted on a least-permissive basis. Even if your clearance was high 
enough, you still needed a pass to get into certain areas. To be granted 
access to a restricted area, you either had to have a pass, an 
appointment, or to be escorted at all times by someone with a pass - 
this included lunch and bathroom breaks.

One of Owein's tasks required him to gain access to a restricted area of 
Building A, and since he had no clearance to the area, he'd discussed 
ahead of time with the security officer that he'd be needing access, and 
that he would come by and grab the pass the following morning. The 
entryway opened into the security desk and offices, which was as far as 
you could get without a pass. The security officer was in a secured 
area, but it was literally on the other side of the wall from the 
publicly-accessible security desk. Since Owein wasn't allowed in that 
area, he called her from the security desk.

"Hi, my name is Owein R., I understand you have a pass for me?"

"Yes, I do," she said, sounding a little flustered.

"I don't have clearance to enter the SCIF, could you please bring the 
pass to me? I'm in the main sec-"

"Sorry," she interrupted, "I absolutely can't break away right now, I'm 
terribly busy."

"So..."

"So you'll need someone that's approved to be in here to escort you in."

[...]


________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org
Received on Thu Aug 27 2009 - 01:33:15 PDT

This archive was generated by hypermail 2.2.0 : Thu Aug 27 2009 - 01:40:51 PDT