During the week of June 26, all laptops will be returned to the Veterans Administration for a security review. The agency will also change its VPN settings every 30 days, so every laptop has to come back to be reinspected.
The Secretary of Veterans Affairs (VA) on Thursday told Congress that his agency will take a number of security-related measures, including recalling every laptop in its inventory, to make sure the loss of 26.5 million veteran and active-duty personnel isn't repeated.
In testimony before the House Government Reform Committee Thursday, James Nicholson said that during the week of June 26, all laptops will be returned to the VA for a security review. Additionally, no personal laptops or desktops will be allowed to access the agency's network via VPN (Virtual Private Network) connections.
"VPN settings will be changed every 30 days, forcing laptop users to return the laptop to VA for updating and security screening," Nicholson said in his prepared statement read to the committee.
That same week every VA facility -- in Nicholson's words, "every hospital, CBOC, regional office, national cemetery, field office, and VA's Central Office -- will close in a "stand-down" he called "Security Awareness Week." During the week, VA managers and supervisors will "review information security and reinforce privacy obligations and responsibilities with their staff," he added.
The various initiatives are in reaction to the May 3 burglary of a VA data analyst's home in which a laptop and external hard drive containing 26.5 million identities were stolen. Since then, Congress has held several hearings on the data breach, and new information -- including the fact that 80 percent of active-duty military members' data was among that stolen -- has come to light.
Nicholson has also done some personnel housecleaning. The data analyst's supervisor, for instance, has stepped down, while another high-level official in the agency has been placed on administrative leave.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.