Free Republic
Browse · Search 		Bloggers & Personal
Topics · Post Article

Earlier this week, Homeland Security Secretary Janet Napolitano announced what was touted as a "major aviation security milestone". Specifically, she claimed in a news release that 100 percent of passengers traveling within the United States and its territories are now being checked against terrorist watchlists through the Transportation Security Administration's Secure Flight program—a major step in fulfilling a key 9/11 Commission recommendation. Not so fast, Janet!

According to the executive summary of a just-released report from the Department of Homeland Security Inspector General Richard L. Skinner, there are serious flaws in the system:

Systems within the headquarters' enterprise Active Directory domain are not fully compliant with the department's security guidelines, and no mechanism is in place to ensure their level of security. These systems were added to the headquarters domain, from trusted components, before their security configurations were validated. Allowing systems with existing security vulnerabilities into the headquarters domain puts department data at risk of unauthorized access, removal, or destruction.

And that's not all:

Also the department does not have a policy to verify the quality of security configuration on component systems that connect to headquarters. Interconnection security agreements are present for each connections between headquarters and components to secure shared services; however, neither the agreements nor other policy define specific security controls required for connecting systems. Stronger management and technical controls are needed on trusted systems to protect data provided by the department's enterprise wide applications.

What does this mean? The very people charged with protecting the nation from online and offline security threats appear to have failed when it comes to protecting their own information technology systems which, in turn, was supposed to help protect the flying public.

If you "speak" IT and are interested in a more in-depth discussion of the issues, click here.

1 posted on 06/09/2010 9:43:25 AM PDT by BobMcCartyWrites
[ Post Reply | Private Reply | View Replies ]

To: BobMcCartyWrites

transparency... yeah that’s the ticket! transparency!


2 posted on 06/09/2010 9:45:05 AM PDT by Ancient Drive (DRINK COFFEE! - Do Stupid Things Faster with More Energy!)
[ Post Reply | Private Reply | To 1 | View Replies ]
To: BobMcCartyWrites

If it’s Windows, it’s not secure. Period.


3 posted on 06/09/2010 9:57:30 AM PDT by FroggyTheGremlim (He promised hope; he gave us hype. He promised change; he gave us chains!)
[ Post Reply | Private Reply | To 1 | View Replies ]
To: BobMcCartyWrites

ping


4 posted on 06/09/2010 9:58:55 AM PDT by elk
[ Post Reply | Private Reply | To 1 | View Replies ]
To: BobMcCartyWrites

Good idea, shootin’ their mouthe off about it. I remember back in the seventies and eighties there’d be little stories in obscure parts of the newspapers about how Fed inspectors were getting things past airport security. Logan was always on the list.


5 posted on 06/09/2010 10:00:14 AM PDT by gundog (Outrage is anger taken by surprise. Nothing these people do surprises me anymore.)
[ Post Reply | Private Reply | To 1 | View Replies ]

Free Republic
Browse · Search 		Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson