During the week of June 26, all laptops will be returned to the Veterans Administration for a security review. The agency will also change its VPN settings every 30 days, so every laptop has to come back to be reinspected.
The Secretary of Veterans Affairs (VA) on Thursday told Congress that his agency will take a number of security-related measures, including recalling every laptop in its inventory, to make sure the loss of 26.5 million veteran and active-duty personnel isn't repeated.
In testimony before the House Government Reform Committee Thursday, James Nicholson said that during the week of June 26, all laptops will be returned to the VA for a security review. Additionally, no personal laptops or desktops will be allowed to access the agency's network via VPN (Virtual Private Network) connections.
"VPN settings will be changed every 30 days, forcing laptop users to return the laptop to VA for updating and security screening," Nicholson said in his prepared statement read to the committee.
That same week every VA facility -- in Nicholson's words, "every hospital, CBOC, regional office, national cemetery, field office, and VA's Central Office -- will close in a "stand-down" he called "Security Awareness Week." During the week, VA managers and supervisors will "review information security and reinforce privacy obligations and responsibilities with their staff," he added.
The various initiatives are in reaction to the May 3 burglary of a VA data analyst's home in which a laptop and external hard drive containing 26.5 million identities were stolen. Since then, Congress has held several hearings on the data breach, and new information -- including the fact that 80 percent of active-duty military members' data was among that stolen -- has come to light.
Nicholson has also done some personnel housecleaning. The data analyst's supervisor, for instance, has stepped down, while another high-level official in the agency has been placed on administrative leave.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.