Los Alamos computer thefts prompt DOE security check at nuclear lab
Computerworld - Los Alamos National Laboratory last week launched a monthlong effort to ensure that computers taken off-site by employees fully comply with the nuclear research facility's information security policies.
Officials at the U.S. Department of Energy (DOE) facility said they are also conducting a full review of the policies governing the use of lab computers at the homes of employees.
Both initiatives were launched less than two months after the theft of three computers from the Santa Fe home of a lab employee and the subsequent disclosure that several dozen more systems are listed as missing from the U.S. nuclear weapons lab.
Jeffrey Berger, director of communications at the facility in Los Alamos, N.M., said that lab officials are taking the loss of the computers "very seriously."
"It is true that [the lab], like any large organization that uses computers, has had computers go missing or get stolen," he said.
Berger insisted that despite the recent thefts, the lab has "consistently earned some of the highest ratings for property accountability" by the DOE's National Nuclear Security Administration (NNSA).
Berger added that none of the missing systems held classified data.
The loss of the Los Alamos computers was disclosed earlier this month by the Project on Government Oversight, which posted on its Web site a memo from the NNSA to the lab expressing concern over the stolen computers.
The Feb. 3 memo noted that the DOE inquiry into the January theft found that as many as 67 Los Alamos lab computers were listed as "missing," including 13 that were known to have been lost or stolen. The memo chastised lab officials for what the the DOE called significant security weaknesses, as well as configuration management and accountability issues. It also cited uncertainty about the "magnitude of exposure and risk" resulting from the loss of the computers.
Berger contended that the memo and other reports about the thefts posted by the nonprofit watchdog group had "distorted the situation."
This version of this article originally appeared in Computerworld's print edition. It's an abridged version of a more in-depth look into the loss of computers at Los Alamos National Laboratory.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts