http://www.cqpolitics.com/wmspage.cfm?docID=hsnews-000002716318
By Jeff Stein
CQ National Security Editor
May 2, 2008
Hundreds of employee laptops are unaccounted for at the U.S. Department
of State, which conducts delicate, often secret, diplomatic relations
with foreign countries, an internal audit has found.
As many as 400 of the unaccounted for laptops belong to the department’s
Anti-Terrorism Assistance Program, according to officials familiar with
the findings.
The program provides counterterrorism training and equipment, including
laptops, to foreign police, intelligence and security forces.
Ironically, the Anti-Terrorism Assistance Program is administered by the
State Department’s Bureau of Diplomatic Security (DS), which is
responsible for the security of the department’s computer networks and
sensitive equipment, including laptops, among other duties. It also
protects foreign diplomats during visits here.
DS officials have been urgently dispatching vans around the bureau’s
Washington-area offices to collect and register employee laptops, said
department sources who could not speak on the record for fear of being
fired.
The inventory sometimes strips DS investigators of their laptops for
“days, or weeks,” they said.
The State Department’s Inspector General launched an audit of the
equipment about three months ago. Only the first stage, or inventory of
equipment, has been completed.
A State Department official referred all questions regarding laptop
losses to the Inspector General.
A senior IG official, asking not to be identified, said he could “not
comment on ongoing work.”
Nita M. Lowey , D-N.Y., who heads a House Appropriations subcommittee
that oversees State Department operations, said she was concerned about
the security revelations.
“The importance of safeguarding official laptops and office equipment
containing sensitive information is not a new concern,” she said through
a spokesman. “I intend to review the facts about this situation.”
“Unaccounted for” does not necessarily mean the laptops have been lost.
But they are “missing” until they have been found or otherwise accounted
for.
Auditors found that the department had lost track of $30 million worth
of equipment, according to one official, “the vast majority of which . .
. perhaps as much as 99 per cent,” was laptops.
Calculating that the average State Department laptop costs $3,000,
another official said, hundreds, perhaps as many as a thousand, were
missing. It could not be learned how many employees have been issued
laptops.
On Feb. 6, the department’s Senior Assessment Team gathered at the State
Department headquarters in Foggy Bottom to discuss the security of
“personal identification information.”
The department’s official in charge of computer equipment, John
Streufert, warned the more than two dozen officials present that the
department did not have good records of its inventory.
A “significant deficiency” relating to laptops existed, Streufert said,
according to a source who attended the meeting.
Mark Duda, a representative of the Inspector General’s office at the
meeting, warned the managers that they needed to get on top of the
equipment issue before it “blows up.” He said a scandal loomed akin to
the one that engulfed the Veterans Administration in 2006, when news
broke that a VA official had taken home a laptop with the personal
records of 26 million veterans, where it was stolen.
The official who chaired the meeting, Christopher Flaggs, the
department’s deputy chief financial officer, also warned that revelation
of the laptop losses could develop into a “material weakness,” an
accounting term-of-art that essentially means inventories are out of
control.
“It’s the worst flaw you can have in management control,” one close
observer of the State Department’s problems said.
It would have to alert the White House Office of Management and Budget
(OMB) and Congress. There could be hearings, headlines, camera crews on
the doorstep of State Department officials.
That’s what happened in 1999, when a laptop containing the names of
foreign agents working for the U.S. government was stolen from the State
Department.
The security of laptops has vexed federal officials, as well as private
industry, for years. The CIA, FBI and other national security agencies
have all lost significant numbers of laptops containing sensitive
information.
More than a year ago, the administration’s Identity Theft Task Force
warned of security vulnerabilities within the government’s Internet
technology systems.
In May 2007, OMB had ordered all federal departments and agencies to
“develop and implement a breach notification policy within 120 days.”
Hints of the State Department’s laptop losses first surfaced March 31 in
an anonymous post at an obscure Web site frequented by employees of the
Bureau of Diplomatic Security, called Dead Men Working.
“We’re not talking about a missing laptop or two,” said a poster who
identified himself as “Steve.”
“A Department-wide audit found hundreds of laptops unaccounted for and
identified DS, now rushing to close the barn door before the scandal
really breaks, as having the laxest control of any bureau in the
agency,” Steve wrote.
John Naland, a retired diplomat who is president of the American Foreign
Service Association, said the alleged losses were worrisome, and
perplexing.
“If the missing ones might have contained classified data, this could be
serious,” Naland said.
“At my last overseas post, we did not have any laptops,” Naland
continued. “But we sure did an annual serial number physical inventory
of computers. Sometimes our initial count came up with discrepancies,
but then we remembered that we returned one to Washington or whatever
and that cleared up the paperwork discrepancy.”
CQ © 2007 All Rights Reserved | Congressional Quarterly Inc. 1255 22nd
Street N.W. Washington, D.C. 20037 | 202-419-8500
Received on Tue May 6 03:36:52 2008