The GAO also found employees traveling overseas with wireless devices pose significant risks because "sensitive information could be compromised while a device is in another country, or that malware obtained during an international trip could be inadvertently introduced onto agency networks, placing sensitive data and systems at risk."
While overseas, the GAO recommended that employees use a virtual private network (VPN) to relay sensitive information to agency networks when using insecure public wireless networks like airport hot spots.
Another concern during travel is smartphone security. "Due to their portability and capacity to collect and store significant amounts of sensitive information, smartphones such as the BlackBerry are susceptible to security threats such as loss, theft, unauthorized access, malware, electronic eavesdropping, and tracking," the report warns. In two attack scenarios included in the report, the GAO worries that an attacker could steal a smartphone's data storage card or replace the original with another card carrying malicious code.
The GAO report released this week comes after the giant WikiLeaks disclosure of more than 250,000 State Department cables over the weekend, which has made information security a top priority for the White House and the federal bureaucracy. In an effort to examine how the government can better protect classified information, the White House named Russell Travers, deputy director at the National Counterterrorism Center, as head of the President's Intelligence Advisory Board this week.
According to National Journal, "the board is tasked with ensuring that agencies have a proper understanding of the requirements in safeguarding classified information, getting a general sense of government officials' attitudes on leaks, and assessing how the government handles sensitive information and documents."
♦ Photo by dana~2/Flickr
CORRECTION: The original article described WikiLeaks disclosure as a "document dump." That description was inaccurate as WikiLeaks has only disclosed approximately 2,000 of the more than 250,000 documents it has in its possession.