Tuesday, July 17, 2007
Department of Energy Levying Security Breach Fines?
Apparently, the Department of Energy (DOE) can levy fines for security breaches - when you're working for them and allow their information to be stolen. At least, that's what's currently happening to the University of California, and a company called Los Alamos National Security, in connection with a loss of classified information from 2006. According to this article from ComputerWorld, the DOE has proposed a fine of $3,000,000 on the University of California, Oakland - the largest fine ever assessed by the DOE. The university, not surprisingly, is fighting back, noting that the breach took place after the university's contract had expired, and noting that the university had taken a number of steps to enhance security. One particular measure taken by the university which is likely to become a trend in other enterprises is the implementation of a diskless and medialess environment, which, when properly implemented, can address one of the most difficult challenges in information security - sensitive data walking off in a portable hard drive or other medium.