Eid Passport: How the Navy Screwed Up D.C. Navy Yard Security Big Time

Impact

The biggest question about the Navy Yard shooting is how Aaron Alexis was able to obtain the security clearance necessary to enter the Yard. A leaked audit of the security protocols in place has the answer: the Navy dropped the ball, both on physical security and background checks for security clearances.

Everything we learn about Alexis suggests he was a very mentally unstable man. It's been reported that he heard voices. Others say he was "not happy with America." Beyond that, Alexis also had a record of firearm trouble in Seattle, Washington and Forth Worth, Texas, illegally discharging firearms in both incidents. So how on earth did Alexis receive clearance to work on computer systems at the Navy Yard?

The Navy tried to cut costs and got sloppy with security clearances. The Commander Navy Installations Command (CNIC) used a system named the Navy Commercial Access Control System (NCAS) to contract out background checks and security clearances to employees at the Navy Yard. The bid for vetting went to Eid Passport.

The Eid Passport bid was supposed to save the most money, since their service was supposed to bill the contractors for their ID security clearances. The audit discovered that the company was actually billing the CNIC via their contract.

It gets worse. Eid Passport's vetting system, Rapidgate, relied on record checks for the employees. The audit revealed that many of the records were out of date, and subsequently not up to federal standards. Contracting to the lowest bidder turned out to have serious security holes. 

The worst finding was that employees were given interim 28-day passes before background checks (with out of date records) were even completed. The audit discovered that 52 felons were granted some form of access with this system. The audit concluded that "NCAS did not effectively mitigate access control risks with contractor installation access. Not only did the CNIC fail to cut costs, they actively endangered all personnel at the Navy Yard, and helped allow the recent tragedy."

It's time for government accountability when it comes to contracting security. This isn't even the only recent high-profile case. Edward Snowden's vetting at Booz Allen Hamilton had discrepancies, which aided his access to NSA documents.

If the government continues to contract out security jobs, there needs to be some change. Contractors have to rigidly apply federal standards and be punished if they don't. Contracts and payment policies need to be amended to eliminate loopholes and flat-out fraud. Most importantly, interim security passes should be eliminated and employees should only be hired with up to date background checks.

It's more than a shame that it takes a tragedy to point out obvious flaws. And because it took so long, 12 innocent people are dead, along with their murderer.

DODIG-2013-134