Thumb Drive SecurityIt is 5:15 PM, and you are late for an appointment. You should take the time to clear off your desk, but every minute spent clearing is one that could be used to get to your destination. So you leave your desk as it is. What’s the cost to your organization, and who is responsible for the loss if (one occurs)?

Last year, GSA was the first out of the gate to remodel its headquarters to a cutting edge, “open office” format. The renovation created an open-space work area that eliminated office suites with locked doors and cubicles in favor of a new layout that uses “open-concept offices” with “hotel desks” that feature personal lockers and locking file cabinets. Providing one desk for every two employees, GSA has taken great pride in its open office setup that conserves space by relying on the sharing of desks and conference rooms as well as telecommuting and mobile technology.

A recent after-hours inspection, however, revealed that there are some serious security breaches as a result of the open office format. Several online sources, including Government Executive and Federal Soup, reported on the matter:

Performed by the GSA Inspector General’s Office of Forensic Auditing, Evaluation and Analysis, the unannounced inspection identified “physical control weaknesses” in the open office area in securing both sensitive information and “highly pilferable government-furnished personal property,” the report said.

Inspectors found “numerous incidences” of unsecured items, including personally identifiable information and other sensitive information, an HSPD-12 PIV card, sensitive contract files, architectural drawings marked “Sensitive But Unclassified,” and unlocked file cabinets containing sensitive information—as well as “a combination code for a bay of personal lockers that was left directly on top of those lockers, and a door cipher lock combination taped to the back of the door.”

Other valuable items such as laptops and other electronics also were left unsecured. Theft of these items can bring about some seemingly intangible—but ultimately expensive—ramifications: down time, replacement costs, and insurance hassles and deductions, and possible reprimands for negligence, to name a few.

As a result of these findings, GSA managers and supervisors will enforce GSA policies and procedures for safeguarding private and sensitive information as well as valuable property; routinely monitor for security compliance by employees and contractors; and assess the adequacy of secure storage space.

“We understand that an open, mobile office may present new challenges to how we secure our space,” wrote Chief of Staff Adam Neufeld in an Oct. 10 letter to the IG. To date, he wrote, managers have sent 10 emails to staff, posted 14 articles on GSA’s internal website, and held online staff conversations on the problem. GSA has also placed new posters and signage around the building, including 200 placards now displayed at workstations, stressing security procedures.

For more information about the security risks posed at the GSA, see the articles on the Government Executive and Federal Soup websites.


SUBSCRIBE TO OUR DAILY TECH UPDATES: Receive these Daily Tech Updates in your email box every business day. Click here to subscribe.


After-Hours Inspection Finds Security Issues at GSA’s Open Office

Leave a Reply