Yet More Security Controls You Won’t See in SP 800-53

Posted September 12th, 2007 by

MP-52 Self-Destructing RFID Implants
Control:
The organization equips all employee-integrated storage media with self-igniting RFID devices so that they can be tracked throughout any government facility and destroyed upon command.

Supplemental Guidance:
All CISOs know that the information inside their employees’ heads is the real culprit.  When they get a new job, they take that information–all learned on the taxpayers’ dime–with them.  This is a much bigger security risk than the data on a USB drive could ever be.  Instead of denying the obvious truth, why don’t we implement security controls to minimize the impact of out-of-control employees?

Control Enhancements:
(1) The organization destroys the information inside an employee’s head when the employee leaves the organization, much like hard drives need to be degaussed before they are sent for maintenance.
Low: MP-52 Moderate: MP-52(1) High: MP-52(1)



Similar Posts:

Posted in BSOFH, FISMA, NIST, The Guerilla CISO | 3 Comments »

3 Responses

  1.  Alex Says:

    I like that logic!

  2.  rybolov Says:

    It’s not really my original idea, it borrows heavily from Snow Crash. An interesting technique that the government used in the book was to segment the programming down so that none of them knew exactly what they were building.

    Anyway, it’s good reading for anybody who’s a data security nut.

  3.  Darren Couch Says:

    A good book–I’m still trying to find the graphic novel the book was based on. Hiro Protagonist!

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.


Visitor Geolocationing Widget: