Blog Entries

Recently several highly classified documents were discovered on public government servers. These documents included detailed schematics of a military detainee holding facility in southern Iraq, geographical surveys and aerial photographs of two military airfields outside Baghdad, and plans for a new fuel farm at Bagram Air Base in Afghanistan. Anyone could log in as a guest to the public FTP server and download these documents to their personal computers. It is hard to believe, but this kind of information is mistakenly posted on public servers all the time:

“In a survey of servers run by agencies or companies involved with the military and the wars in Iraq and Afghanistan, The Associated Press found dozens of documents that officials refused to release when asked directly, citing troop security.”

The officials in the military had no idea these documents had been leaked by careless employees and contractors until they were discovered by private citizens and sent to news organizations.  Even though these documents posed an immediate threat to troop security, they were still able to slip through the tight security regulations of the US military.  This is a prime example of why no matter how good you think your organization’s security procedures are, it is still in your best interest to retain the services of a third party monitoring service to find leaks like this as soon as they occur.