Yet More Security Controls You Won’t See in SP 800-53

Posted August 26th, 2008 by

PE-52 Self-Destructing RFID Implants
The organization equips all employees with integrated storage media with self-igniting RFID devices so that they can be tracked throughout any government facility and destroyed upon command.

Supplemental Guidance:
All CISOs know that the information inside their employees’ heads is the real culprit.  When they get a new job, they take that information–all learned on the taxpayers’ dime–with them.  This is a much bigger security risk than the data on a USB drive could ever be.  Instead of denying the obvious truth, why don’t we implement security controls to minimize the impact of out-of-control employees?  This control is brought to you by L Bob Rife.

Control Enhancements:
(1) The organization destroys the information inside an employee’s head when the employee leaves the organization, much like hard drives need to be degaussed before they are sent for maintenance.
Low: MP-52 Moderate: MP-52(1) High: MP-52(1)

2 Responses

  1.  Amrit Says:

    Do you need a self-igniting RFID device to satisfy this control, or would it be acceptable to use memory flashers throughout an organization, like the kind used in MiB? It would seem to me that the auditors would be quite satisfied that an organization had operationally implemented technical controls endorsed by Will Smith and Tommy Lee Jones.

  2.  rybolov Says:

    I’m going to have to go with the theory that NIST would make it unspecified and leave the implementation up to the individual organization, but OMB would mandate explosions.

