Tech: Desktopgate? By John Irvine

Allthepresidents3_2It seems like only yesterday that officials at the Veteran’s
Administration were issuing public  apologies and pledges to get serious about
security after the theft of a laptop containing the personal data for 26
million U.S. servicemen and women. Laptopgate turned out to be a little less serious
than the early reports predicted. The missing laptop was eventually recovered. The perps dragged away in chains. And
government officials left feeling highly embarrassed. Desktopgate looks to be a little more serious. This time
a large government contractor (Unisys) appears to be responsible.

Leaving aside the question of how exactly you lose a desktop in the first place, this looks like it actually might be a bigger deal than the original security breach at the VA. While less
data is involved, the missing information includes the names, addresses and
social security numbers for tens of thousands of veterans treated at VA
hospitals in Philadelphia and Pittsburgh. It  also includes insurance information and details about medical conditions. Making things even worse, data for an additional 20,000 patients
recently treated at the Pittsburgh hospital may also have been, er … lost. 

Before anybody resigns or holds a press conference blaming a
culture of official incompetence at the VA, let’s think about this. If the incidents over the past few years are
anything to go by, computer theft is a problem that has now reached epidemic
proportions. It seems logical to assume
that the number of unreported incidents is far greater than the number we’re
hearing about.  Unlike government
agencies, corporations are under no legal requirement to inform anybody if data
goes missing. Not many are willing to
take the PR hit that goes along to owning up to a mistake. Why would they?

As many observers have noted, it is apparently human nature to lose/take computers. So what can be done? Developing realistic
policies for data control would be a good start. One sensible approach might be
to equip all government laptops with RFID tracking technology (See: If he
beeps, He’s clean Bob
) so that if a computer escapes it can be easily tracked
down. Alternatively,  we could use the Tommy Lee Jones method and handcuff people to their computers. But that doesn’t sound like a very good solution in the long run, given that handcuffs are generally considered fairly uncomfortable things.  I have a feeling that a fortune – not to mention a government contract – awaits whoever comes up with a clever solution to this problem …

Categories: Uncategorized

Tagged as: