Return to Article: Contractor networks create security risk, Defense official says
-
45180
This concern is way overdue. Vendors with federal contracts should be held to the federal IT security standards (which are think in volume). That these vendors routinely access federal systems and data via their non-federal networks is a huge backdoor vulnerability. See, security measures (protecting the tax payer's data) is not always profitable...and ALL vendors are endeavoring to turn a profit.
I'm not faulting the vendors for that, but it should be understood that profit will always come before security for these entities, thus they should not be allowed to police themselves in this area. Feds charged with this responsiblity must be allowed to exercise control over it.
-
45179
Unfortunately, since contracting out a number of positions formerly held by the Government workforce, this continues to be a problem. The only way to ensure contractors abide by the policies and procedures is to ensure the proper penalties are defined in contracts and if after three offenses, contractors should be T4C (Terminated for Convenience) or T4D (Terminated for Default) and if occurrence is prior to contract completion further penalized for re-advertising and hiring a more competent company. If these infractions were committed by a Government worker, they would be penalized either in the form of counseling and/or administrative action. I cannot fathom why the same cannot be applied and/or enforced for contractors. It behooves the Government to ensure the proper procedural guidance is in place to detract those shirking their responsibility and/or companies hiring foreign nationals not in possession of the required clearances working with sensitive data. All too often prime contractors are focused on their bottom line and not the end product or acceptance of responsibility for their complacency. My concern is the passage of sensitive data through a breach or flaw in the system and the disclosure of information without authorization or official sanction. It's past time for imposition of penalties to preclude data getting into the wrong hands.
PROMO RIGHT: EVENTS
UPCOMING WEBINARS
DECEMBER 3
Achieve Program Success: Unlock the Management Information in Your Data
DECEMBER 8
Emergency Response
DECEMBER 10
Practical Transparency: Applying Exchange Networks for Mission Results
DECEMBER 15
What Healthcare Reform Means for Federal Managers: Roadblocks to Management and Oversight
PROMO RIGHT: DIRECTORIES
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.