I'm not sure how long this information was in her trailer. I would think for the sensitive stuff there would be audits. We had shift to shift audits of the TS stuff we kept handy, and I believe monthly audits of the Secret/Top Secret publications that we were required to have on board, but kept locked up in a safe, because we rarely used it. You'd think with all the problems they've had there recently they would have several checks going on to make sure everything was safeguarded. But, not ever having been there, I have no idea what the situation is, so it's hard to second guess their procedures, though obviously the current system has flaws (to put it mildly).
Even if they
did do audits, what's to stop her from just photocopying stuff and taking it home?
Remember all the hoohah about the stolen VA laptops this past summer? It took until a couple of weeks ago before my agency wised up and said, "Hmmm, people handle sensitive (not secret) data here all the time, and laptops go in and out of this building every day, unless people are just carrying their lunches around in those HP bags."
So they
finally set up laptop screening procedures that I could train a large dog to evade. First thing you need to do is fill out an application for a property pass, which your supervisor has to sign off on. Okay, fine, except that I don't know that anyone verifies the supervisor's signature. You then go to the security office, give them the application; they cut off the top part and give it back to you as a temporary pass; you'll get the permanent one
in a month. But you can start taking your laptop home
today.
Hmmm, what's to stop me from stopping by the cubicle of the enormously fat tub of goo across the aisle from me, writing down the barcode and S/N on her laptop while she's downstairs getting herself a 64-ounce soda (that's half a gallon, folks, and I'm not making this up...), filling out a property pass application, forgeing my supervisor's signature, and walking off with her laptop one fine day? Answer: Nothing save my own conscience.
Okay, once you have your property pass - permanent or temporary - when you leave the building, you have to open your bag or backpack or whatever to show the rent-a-cops that you have no laptop inside, or else show them the laptop and your property pass.
The biggest problem is, they don't do this every day. On the days they
do check, there's a big sign warning you before you exit, saying "Full Laptop Screening Procedures In Effect."
Thanks for the warning, guys; I'll be careful not to steal any laptops today. I'll just scope out the checkpoint tomorrow and steal one on a day that you aren't checking.
And even when they
do check for laptops, they don't check to see if maybe you removed the hard disk and stuck it inside your leftover lunch bag.
A couple of weeks ago, I put in a requisition to get a laptop cable lock so I could chain it to my desk (hadn't needed it until recently, when my office moved from a location where we could lock the door, to cubicleville). I'm still waiting. Meanwhile, Mrs. BPSCG recently started a new job and was given a cable lock with her new laptop; when the lock turned out to be defective, she had a replacement the next day.
See, this is why I don't believe the 9/11 conspiracy theorists.
