Correct or False? There was no way the Office of Personnel Management could have prevented hackers from stealing the sensitive private information and facts of millions of federal employees, previous and present.
If you guessed “False,” you’d be incorrect. If you guessed, “True,” you’d also be incorrect.
The appropriate response is: “Ask a diverse query.” Serious information breaches maintain taking place for the reason that there is no black-and-white answer to the information breach quagmire. So what should we be undertaking? That’s the ideal query, and the answer is decidedly that we should be attempting one thing else.
More From Credit.com: The Massive U.S. Government Hack: What You Need to Know
According to the New York Instances, the problems have been so extreme for two systems maintained by the agency that stored the pilfered data that its inspector common suggested, “temporarily shutting them down due to the fact the security flaws ‘could potentially have national safety implications.’”
Alternatively, the agency attempted to patch with each other a remedy. In a hostile atmosphere where there are recognized vulnerabilities, allowing remote access to sensitive info is not only irresponsible — regardless the cause — it’s indefensible. However according to the same write-up in the Times, the Office of Personnel Management not only permitted it, but it did so on a program that didn’t need multifactor authentication. (There are numerous sorts, but a standard setup utilizes a a single-time security code needed for access, which is texted to an authorized user’s mobile telephone.) When asked by the Occasions why such a program wasn’t in location at the OPM, Donna Seymour, the agency’s chief information officer, replied that adding much more complicated systems in the government’s “antiquated atmosphere” was hard and extremely time consuming, and that her agency had to execute “triage” to decide how to close the worst vulnerabilities.
Somehow I doubt recognizing that protecting information “wasn’t easy” will make the breach less complicated to accept for the more than four million federal staff whose information is now in harm’s way (or their partners or spouses whose sensitive personal facts may have been collected for the duration of security clearance investigations, and may have been exposed as well).
Much more From Credit.com: How to Guard Your self From Identity Theft
A New Method