The US government announced Friday that the background check process used for federal employees and contractors will be revamped with a more security database. This announcement comes almost a year after the infamous Office of Personnel Management breach that rocked the federal government.
In June of 2015, OPM discovered that the background check investigation records of millions of current, former and prospective federal employees and contractors were compromised during a cyber-attack. Sensitive information like social security numbers of 21.5 million individuals was stolen from the background investigation database, 19.7 million of which applied for background investigations and 1.8 million non-applicants, primarily spouses or cohabitants of the affected applicants. Usernames and passwords used by the applicants were also stolen, as well as 5.6 million fingerprints.
In response to this attack, the federal government has announced that a new government entity will be created to conduct these checks and that the Department of Defense will be held reliable for securing the data collected. The new ‘National Background Investigation Bureau’ will be housed within OPM, but the DoD will keep the data secure. Read more about the announcement of the National Background Investigation Bureau.
Michael Daniel, the White House cybersecurity coordinator stated the revamped process would “represent a real change from how we are doing business now.”
In addition to hardened cyber security, this $95 million initiative will allow for the evaluation of how much information is stored online for accessibility and what is kept offline.
In a statement made by OPM, “As the world’s technologies continue to evolve and our economy becomes ever more digitally connected, the federal government’s tools, systems, and processes for managing such sensitive information and conducting background investigations must keep pace with these advancements in order to better anticipate, detect, and counter malicious activities, as well as threats posed by trusted insiders who may seek to do harm to the government’s personnel, property, and information systems.
The concept of security best practices have been developed for a reason, and the unfortunate reality is, these breaches will continue to happen without the best security practices and solutions in place. With NNT’s Change Tracker Gen7, you’ll be equipped with solutions like File Integrity Monitoring and Change & Configuration Management to help protect your cyber security environment from a potential hack or breach.
Learn about the USGCB and FDCC
Read this article on Security Week