[181196] in North American Network Operators' Group
Re: OPM Data Breach - Whitehouse Petition - Help Wanted
daemon@ATHENA.MIT.EDU (William Herrin)
Thu Jun 18 13:36:07 2015
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <29116.1434588870@server1.tristatelogic.com>
From: William Herrin <bill@herrin.us>
Date: Thu, 18 Jun 2015 13:35:34 -0400
To: "Ronald F. Guilmette" <rfg@tristatelogic.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Wed, Jun 17, 2015 at 8:54 PM, Ronald F. Guilmette
<rfg@tristatelogic.com> wrote:
> I've just started a new Whitehouse Petition, asking
> that the director of OPM, Ms. Archueta, be fired for gross incompetence.
Hi Ronald,
The core problem here is that the Authority To Operate (ATO) process
consumes essentially the entire activity of a USG computing project's
security staff. The non-sensical compliance requirements, which if
taken literally just about prevent you from ever connecting any
computer to any other, get in the way of architecting systems around
pragmatic and effective security.
There's no use blaming the director for a broken system she's
compelled to employ, one far out of her control. The next warmer of
that seat is constrained to do no better.
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
