News Stay informed about the latest enterprise technology news and product updates.

Enterprises can learn from Congressional oversight

An unsecured shared network between Republicans and Democrats exposed sensitive documents, which served as a good reminder that information needs to be properly secured.

Warning bells should have sounded across enterprises last week when stories of a congressional "hacking" investigation...

broke. It now appears that hacking wasn't involved in Republicans gathering documents outlining Democratic judicial strategies. Rather, a poorly secured network with shared access was to blame.

An investigation into "Republican surveillance of Democratic Judiciary Committee communications" from 2002 to 2003 is underway by Senate Sergeant-at-Arms William Pickle. Information so far indicates that documents on specific judicial nominees were obtained through an unsecured shared network accessible to both Democrat and Republican Judiciary Committee staff.

"These were not password-protected files; with one click you could view these documents," said Sean Rushton, executive director of The Committee for Justice, a non-profit organization that promotes presidential judicial nominees.

The incident should serve as a reminder to security managers that sensitive information should be separated from areas accessible by partnerships and other shared network arrangements.

"The Democrats designed a faulty 'shared network' where files could be accessed freely by staffers of either party; if you had material you wanted kept completely confidential, you were advised to store it on your own hard drive," according to The Committee for Justice's Web site.

The group also said that a former Republican staffer informed the Democrats of the glitch, and that they didn't repair it.

Dig Deeper on Government information security management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.