Today's secrets may be every bit as sensitive as in years past, but computer users find electronic secrets harder to safeguard than tangible paper documents. People prize convenience and access over security, and tend to regard their computers and files as personal property rather than their office's.
Those are big mistakes.
``There are a lot of people who seem to have a very sloppy attitude toward security,'' said one of the nation's top computer-security experts, Peter Neumann, principal scientist at SRI Computer Science Lab in Menlo Park. ``We haven't seen anything yet. This is tip-of-the-iceberg stuff.''
In the blink of an eye, a laptop can disappear from an airport or even an office, which is where Michael Corby, vice president of global security at Netigy, a consulting firm in San Jose, was robbed of his laptop while visiting an East Coast firm.
``I put down a laptop on a desk and turned around to dial a phone and someone lifted it while I was on the phone,'' Corby said. ``I've seen some really bad things, especially in public transportation places, like airports and bus terminals, where people presume that just because they have a laptop in a bag, they can set it down somewhere and no one is going to care.''
Some companies, such as the ultra-competitive Intel Corp., fiercely guard their data. The world's largest semiconductor maker discourages its employees from working on confidential documents while traveling on airplanes. Its laptops have complex encrypted passwords, with the goal of making the machine unusable by anyone except the designated employee.
The company also has a check-in procedure at its Santa Clara headquarters, where visitors must register their laptops with security, to avoid any potential problems when they leave the building.
Government blunders
The problem has become particularly noticeable in recent months in government agencies that are supposed to guard some of the nation's biggest secrets.
For instance:
In some cases, when laptops disappear so does critical data. But companies also try to protect themselves by backing up the most sensitive material.
Several months ago, eGroups Inc., a San Francisco-based company that lets people create e-mail groups, had a break-in at its offices, where three laptops were stolen. But because of the company's network data backup system, the theft did not cause as many problems as it could have.
``I'd love to say that we had the Mission Impossible laptop that self-destructed after being broken into,'' said Jade Dauser, vice president of corporate services at eGroups. ``But we have a pretty healthy data security program, so everybody is backed up. If anybody's laptop is stolen, we have a backup system. It's automatic, the users only know it's there when they need it.''
But analysts and security consultants say that this is not the norm in corporate America or government. American security is stuck in the paper age, said Steve Aftergood, director of the Project on Government Security at the Federation of American Scientists in Washington.
Secrets in the spotlight
``It's because it's an extremely difficult job,'' Aftergood said. ``Back in the good old days, (spy) Aldrich Ames physically had to carry shopping bags of classified documents out the door of the CIA. Nowadays one can transmit 10 times the amount of information on a tiny cartridge.
``People who came up in the world of traditional secrecy markings have to make a certain mental adjustment in dealing with classified information in electronic form,'' Aftergood said. Sometimes they don't, but mostly because of ``sloppiness and incompetence'' not spying, he said.
While lost government secrets are in the spotlight, the same thing ``happens every day in the corporate world,'' said Richard Heffernan, president of a Branford, Conn., consulting firm that specializes in information security.
Heffernan, who has consulted with about half of the Fortune 500 companies, said: ``I don't think I've ever been to a company that's not had some sort of inadvertent disclosure of important information by employees'' via computer files.
The problem, experts say, is as serious as computer viruses and hacking.
Secrets proving more difficult to safeguard as data is shifted from paper to electronic files
AND THERESE POLETTI
Contact Therese Poletti at tpoletti@sjmercury.com or (408) 271-3718 and Seth Borenstein at sborenstein@krwashington.com.
© 2000 Mercury Center. The information you receive online from Mercury Center is protected by the copyright laws of the United States. The copyright laws prohibit any copying, redistributing, retransmitting, or repurposing of any copyright-protected material.