The National Security Agency (NSA) has updated its security policy after Edward Snowden's theft and distribution of classified data. The policy changes are designed to improve data security and prevent future internal data breaches. Are they enough, however, to prevent the next Snowden?
In an interview with George Stephanopoulos, NSA Director General Keith Alexander stated that there were no "alarm bells" that identified Snowden's illegal activities. He admitted that the "system did not work as it should have" and enabled Snowden to access and download sensitive information. Indirectly, Alexander admitted that the NSA did not employ the Host-Based Security System (HBSS) to prevent the use of removable storage devices, like USB flash drives also known as thumb drives. Snowden utilized this type of device to download and remove data.
In addition to admitting to a system problem, Alexander provided policy changes to prevent future data breaches. He stated, "we are now putting in place actions that would give us the ability to track our system administrators, what they're doing, what they're taking, a two-man rule. We've changed the passwords. But at the end of the day, we have to trust that our people are going to do the right thing. This is an extremely important mission defending our country."
Alexander's statements indicate the NSA has updated its security policy to deal with insider threats. Previous security activities may have focused primarily on preventing hacking into equipment from outside NSA's walls. The changes now address the possibility of data breach from within the walls. While his statements are interesting based on what he said (admission to security oversights), they are also interesting since he did not mention other areas that could improve data security at NSA.
He did not specifically mention whether the HBSS would be employed at the NSA or if there were changes to the use of thumb drives. The devices are small, portable, and can be easily hidden. While their use had been banned, Snowden was still able to utilize one for removing data from the NSA.
Alexander also did not mention if there were any changes to file security at the NSA. The importance of this is to control access to files and what can be done with the files once opened. Changes to this area may prevent files from being downloaded or viewed by individuals who do not possess a need to know for the information.
While Alexander has addressed certain security issues, he did not mention preventing the ability to download NSA data or restricting data access. This may have been done due to security concerns or for brevity during the interview. The biggest question is whether the known policy changes will prevent another Snowden or if more should be done.