It's not hard to find cracks in the system in need of fixing -- like this Secret Service security gap

by Ken

Sure, I'm still processing, even though I think I was reasonably well prepared intellectually for an election outcome similar to what actually happened. My first thought: Now we know who will appoint -- subject to confirmation by a still-Republican-controlled Senate -- at least two new Supreme Court justices: replacements not just for Antonin Scalia but for Ruth Bader Ginsburg, and possibly for Anthony Kennedy and/or Stephen Breyer as well. (Yes, I'm steamed that "Miss Mitch" McConnell and Company won their extra-constitutional gamble in refusing to consider the Garland nomination. Now, alas, there's nothing for it but to hope that this gambit can be made to come back and bite their smelly butts.)

But for now, I don't want to go there. I'm going to try to think, well, not optimistically, but (let's say) within the realm of possibility. Let's say that President Trump really means to begin repairing our broken system. The Washington Post's Joe Davidson, whose "Federal Insider" beat is the seamy underbelly of the federal government, sensibly had one such instance ready to roll today regardless of the election outcome, under the headline "Secret Service IT management slammed following Chaffetz breach" (links onsite):

Now that the votes are in and the presidential campaign is done, the Secret Service can close an incredibly busy election season.

Perhaps it can turn some of that energy to protecting its computer systems, which suffer from neglect, ignorance and bad management, according to a watchdog’s report.

The report by the Office of Inspector General (OIG) at the Department of Homeland Security is related to the agency’s breach and leak of personal information belonging to Rep. Jason Chaffetz (R-Utah) last year. That was another in a string of embarrassments for a law enforcement agency that has had such a proud tradition.

A 2015 OIG investigation found that 45 employees got into Chaffetz’s 2003 Secret Service job application. Only four had a legitimate need, leaving the rest in violation of the Privacy Act and agency policies. The file snooping began minutes after Chaffetz, chairman of the House Oversight and Government Reform Committee, opened a hearing into allegations of agents’ misconduct.

Chaffetz said the current report, issued last month, shows that “despite past warnings, USSS [U.S. Secret Service] is still unable to assure us their IT systems are safe.” In a letter to Inspector General John Roth, Chaffetz also said the discipline for some agents in his case “is not adequate to deter similar behavior in the future” and asked Roth to continue his investigation.

The October report goes well beyond the Chaffetz case and dissects the agency’s information technology operation in scathing particulars.

Summing up the report, the inspector general’s office offered this mouthful: The “audit uncovers a myriad of problems with Secret Service’s IT management including inadequate system security plans, systems with expired authorities to operate, inadequate access and audit controls, noncompliance with logical access requirements, inadequate privacy protections, and over-retention of records. The OIG concluded that Secret Service’s IT management was ineffective because Secret Service has historically not given it priority. The Secret Service CIO’s [Chief Information Officer] Office lacked authority, inadequate attention was given to updating IT policies, and Secret Service personnel were not given adequate training regarding IT security and privacy.”

The Secret Service agreed with the report’s 11 recommendations, even though officials believe it does not reflect the agency’s recent IT progress. In a memorandum responding to the report, Secret Service Director Joseph P. Clancy noted last year’s hiring of retired Marine Brig. Gen. Kevin Nally as CIO and “the sweeping and unprecedented improvements” under his leadership.

THERE'S ONE OBVIOUS CAVEAT TO THE ABOVE

Of course the "Chaffetz breach" became an issue, to the extent that it became an issue, almost entirely because in this instance the victim of governmental abuse was not just a right-winger but a far-far-right-winger and the loudest of loudmouths (maybe somebody out there can help? I'm racking my brain for a kinder and gentler term than "crackpot") as well. I think it's safe to say that such instances have been overwhelmingly the exception even in a Democratic administration. Projecting ahead to a federal government staffed with Trump appointees . . . well, you can finish that sentence for yourself. And with a Republican Congress still in charge -- and overseen by people we know only too well -- it's hard to imagine much impulse to reforms that would clamp down on all governmental abuses.

Then again, maybe the president-elect is serious about fixing our broken system. (Did I hear somebody laugh? Or was that crying?)


COMING UP FRIDAY --

For my next post, I promise one with (almost) no reference at all to the election or the present political mess. It's something I had in mind for today, but I thought we needed to do a smidge of transitioning.

#