"FBI Flawed Data Handling Raises Security Concerns"

A recent audit conducted by the Department of Justice's (DoJ) Office of the Inspector General (OIG) discovered that the FBI is exposing sensitive and classified data because of "significant weaknesses" in its inventory management and disposal of electronic storage media.  The flaws found include a lack of adequate policies and procedures or controls to account for electronic storage media extracted from larger devices and thumb drives, a lack of labels on the FBI's electronic storage media with the appropriate National Security Information (NSI) classification or Sensitive But Unclassified (SBU) levels, and flaws in the FBI's internal physical access and security controls in relevant areas.  The auditors discovered that FBI staffers do not typically account for extracted internal hard drives, thumb drives, and other media devices, which the auditors deemed inconsistent with FBI or DOJ policies to ensure accountability of media containing sensitive or classified information.  The FBI has informed the regulator that it is addressing the issues and has developed a new policy to ensure the secure handling and destruction of sensitive electronic data.

Infosecurity Magazine reports: "FBI Flawed Data Handling Raises Security Concerns"