Pentagon flash drive ban has exceptions – of course

The Pentagon has granted many exceptions, possibly numbering in the thousands, to allow staff members who administer secure computer networks to use flash drives and other portable storage devices, department spokesmen say.

The exceptions to policies barring the use of such devices could make it easier for rogue employees to remove sensitive documents. But officials say waivers go to people who update software and run helpdesk services for the Pentagon’s vast computer network and are needed to run the system efficiently.

The U.S. government’s handling of sensitive documents has come under scrutiny since Edward Snowden, a systems administrator for a contractor with the National Security Administration, copied classified materials at a Hawaii installation and leaked them to the news media.

Snowden used a simple flash drive to store the materials, according to a government source close to the investigation.

Storage devices have been a concern at the Defense Department since the 2008 Buckshot Yankee incident, in which a malicious software worm known as agent.btz was uploaded to military networks by a thumb drive.

Then-Deputy Secretary Bill Lynn declassified the incident in 2010 and U.S. Cyber Command, which was established in the wake of Buckshot Yankee, banned the devices…

Cyber Command, cripes? Do you have to be a graduate of Star Trek Academy?

Since then, the Pentagon has bolstered efforts to prevent removal of classified data, Lieutenant Colonel James Gregory said. The department is in 100 percent compliance with directives to disable or tightly control use of removable media devices on the Pentagon’s secure network, he said…

While use of flash drives is largely barred, exceptions are granted to systems administrators who install software and manage helpdesk services for the department’s millions of computers and nearly 600,000 mobile devices in some 15,000 networked groups.

Decisions on who gets waivers are made by colonels or generals who have been granted that authority for their installations, brigades or other units, Pentagon officials said.

If your local bank is anything like mine the USB ports on all the computers are crazy glued shut. All IT maintenance is done on the network which maintains strict records and protocols governing who is accessing what. Banks have to be as secure as possible. The military get to talk about it. Congressional multitasking is chewing gum and checking online banking to see if the check has arrived from your favorite lobbyist.

I have no doubt that the system in Pentagon – left in the hands of people whose qualification is rank rather than ability – having a computer on your desktop that has flash drive access has already become a sign of status. You’re too important to be regulated by geeks.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.