I felt a bit like one of the humans in Planet of the Apes (or the Simpsons’ version, Stop the Planet of the Apes, I Want to Get Off) today when I saw the news about the breach of privacy by US State Department and/or passport office employees. They have apparently accessed passport records for Obama, Clinton and McCain over the past year or two. This is certainly a sensitive issue, and breaches like this should be detected and escalated quickly for response. It’s not clear to me how long it took for a proper response to occur in this instance, but once the media gets hold of it, there will obviously be a lot of armchair quarterbacking going on.

The thing that bothers me, personally, is that a few of the reports I’ve seen were questioning why “contractors” were able to access this information, as opposed to having only full-time employees able to access such sensitive data.

That’s right, we’ve been outed. We’ll all just have to go back to working on payroll systems, I guess. Doh! Wait a minute. Payroll systems have sensitive information in them, too!

Excuse me, but who builds all of the USA’s most dangerous weapons and systems? (Aren’t they a little more sensitive than passport files?) Contractors handle most of this work, I believe. Yes, some contractors are even trustworthy enough to handle classified information.

Where I come from, personal information in a passport file is considered sensitive (in Canada, we call it Protected B designation), but not as sensitive as classified information.

Now, of course, all contractors around the world should be quite worried about the prospects of doing any work for governments now that their dirty little secret is out.

In case you didn’t catch my tone above, I was being a bit sarcastic. It pains me to have to point out the fact that the people questioning the use of contractors as a possible reason for these breaches are barking up the wrong tree. It just illustrates how concepts as simple as “Separation of Roles” and “Two Person Integrity” do not immediately come to mind as being relevant in these situations, even to normally intelligent people.

For example, when we design a system (including its associated human processes) with security in mind, we try to make sure that nobody (no matter how trustworthy they look, or who actually pays for their services) has access to, or control over, both the design and the operation of the system. This means that you should not be able to design a system with a back door that you can later use as an operator or user to give yourself more privileges than are appropriate. Similarly, no single person should be able to access a system to do something like change security rules without anybody else knowing or authorizing it.

These are the kinds of rules security architects (even contracted ones) think about while you are sleeping.
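To make those two rules concrete, here is a small sketch added for illustration (it is not code from any real passport system, and every name in it, such as `grant_role`, `approve` and the role labels, is hypothetical). It refuses to let one person hold both the design and the operation role, and it will not apply a security rule change until a second operator has authorized it, with every step written to an audit log.

```python
from dataclasses import dataclass, field

class PolicyViolation(Exception):
    """Raised when an action would break one of the two rules."""

@dataclass(frozen=True)
class Person:
    name: str
    roles: frozenset = frozenset()  # employment status is deliberately not modelled

@dataclass
class RuleChange:
    description: str
    requester: str
    approvers: set = field(default_factory=set)

AUDIT_LOG = []  # every action is recorded so somebody else always knows

def grant_role(person, role):
    """Separation of roles: refuse to combine design and operation."""
    roles = person.roles | {role}
    if {"designer", "operator"} <= roles:
        raise PolicyViolation(f"{person.name} cannot both design and operate")
    AUDIT_LOG.append(("grant", person.name, role))
    return Person(person.name, roles)

def request_change(person, description):
    """Only an operator may ask for a change to the live security rules."""
    if "operator" not in person.roles:
        raise PolicyViolation(f"{person.name} is not an operator")
    AUDIT_LOG.append(("request", person.name, description))
    return RuleChange(description, person.name)

def approve(change, person):
    """Two-person integrity: the approver must be a different operator."""
    if person.name == change.requester:
        raise PolicyViolation("requester cannot approve their own change")
    if "operator" not in person.roles:
        raise PolicyViolation(f"{person.name} is not an operator")
    change.approvers.add(person.name)
    AUDIT_LOG.append(("approve", person.name, change.description))

def apply_change(change, ruleset):
    """Apply the change only once a second person has authorized it."""
    if not change.approvers:
        raise PolicyViolation("no second person has authorized this change")
    ruleset.append(change.description)
    AUDIT_LOG.append(("apply", change.requester, change.description))
    return ruleset
```

Note that nothing in the checks asks whether a person is a contractor or a full-time employee; the controls apply to whoever holds the role.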

Thank goodness there are highly skilled contractors who know how to architect security for systems that do lots of important things for our society and government. After all, how many people (or apes) would actually get passports issued to them if there were no contractors allowed to work on these systems?

There will always be curious people, contractors or otherwise. Putting effort into securing important systems will produce a better system than limiting access to only full-time employees.