Poor Data Management Threatens Credibility
The credibility of the FCC is called in to question by a recent GAO report that found that poor data integration and inconsistent analysis programs left the agency unable to explain, for example, why 4 out of 5 complaints were closed without any enforcement action. This kind of lack of control undermines key tenants of security management, like classifying information and applying proper levels of controls based on those classifications.
Matthew Lasar at Ars Technica lets the FCC have it for what he sees has a threat to Net Neutrality protections if the FCC is given the job:
For net neutrality advocates, however, the message is clear: the FCC needs to modernize its systems before it can take on additional oversight, especially oversight that may be as contentious and technically complex as net neutrality rules may generate.
The same could be said for just about any data management operation. If you don't know what you have, have it classified by security requirements (among others), and have a mechanism to monitor and manage it then you leave yourself vulnerable. You can't protect what you don't manage.
And about that management part, it seems data isn't the only thing that isn't properly managed at the FCC, see another Ars Technica post on the politicized atmosphere at the FCC.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
