AP: TSA Laptops With Personal Info Missing
Oct 17, 2007 | 8:17 pm
#16
Original Poster
Original Member
Join Date: May 1998
Location: PDX
Programs: TSA Refusenik charter member
Posts: 16,127
-----------------------
essxjay sans mod hat
Oct 18, 2007 | 5:08 pm
#17
FlyerTalk Evangelist
Join Date: Jan 2005
Location: BWI
Programs: AA Gold, HH Diamond, National Emerald Executive, TSA Disparager Gold
Posts: 15,180
The only flaw in your argument is your assumption that IT security is exclusively TSA's domain. It is not. Information technology security is the standard for all government agencies, regardless of their charter/mission. The same IT security standards apply to the US Post Office as they do to TSA, HUD, DOJ, DoD and an endless list of alphabet agencies throughout government.
Otherwise, you are correct: there is no excuse for this sort of lapse in security by any agency.
Otherwise, you are correct: there is no excuse for this sort of lapse in security by any agency.
Also, while the "policy" may be the same, the fact of the matter is that there are many levels of security within that policy that cause as much variation as having completely separate security policies.
Were the policies all the same, we wouldn't be having to do so much paperwork at work and having to deal with multiple customers' security requirements.
Oct 19, 2007 | 3:44 am
#18
Suspended
Join Date: Dec 2003
Posts: 8,389
Not entirely true. Some agencies have freer hands than others.
Also, while the "policy" may be the same, the fact of the matter is that there are many levels of security within that policy that cause as much variation as having completely separate security policies.
Were the policies all the same, we wouldn't be having to do so much paperwork at work and having to deal with multiple customers' security requirements.
Also, while the "policy" may be the same, the fact of the matter is that there are many levels of security within that policy that cause as much variation as having completely separate security policies.
Were the policies all the same, we wouldn't be having to do so much paperwork at work and having to deal with multiple customers' security requirements.
I'm not surprised that you would quibble over such detail.
Oct 19, 2007 | 8:46 am
#19
FlyerTalk Evangelist
Join Date: Jan 2005
Location: BWI
Programs: AA Gold, HH Diamond, National Emerald Executive, TSA Disparager Gold
Posts: 15,180
I'm surprised that you of all people miss a very fundamental point. There is a minimum government IT security standard across the board. Some agencies have stricter policies depending on the information they handle. Classified information has a separate standard that is based on similar principles but comes with its own unique set of rules.
I'm not surprised that you would quibble over such detail.
I'm not surprised that you would quibble over such detail.
Thanks pumpkin.
I'm saying that there really is no set standard. There may be a "minimum" but by the time it's .......ized between all the agencies there really isn't a standard for security. At least nothing that doesn't exist outside of very minimal security practices like patching, antivirus and the like that every computer user should use anyway.
Please don't lecture me on IT security considering it's my job and my field.
Oct 20, 2007 | 2:55 pm
#20
Original Poster
Original Member
Join Date: May 1998
Location: PDX
Programs: TSA Refusenik charter member
Posts: 16,127
Folks, argumentative jabs have no place in this forum. Leave them on your cutting room floor and view them in the privacy of your own home. Further public sparring will lead to moderator warnings or suspensions.
----------
essxjay
TS/S moderator
----------
essxjay
TS/S moderator