While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
In the wake of the U.S. Office of Personnel Management’s (OPM) breach, federal agencies were forced to place their IT systems under strict scrutiny. The incident prompted the OPM to announce the suspension of the Electronic Questionnaires for Investigations Processing (e-QIP) system — a move that caused security concerns, as well as a workflow interruption. The OPM recently announced that user access to e-QIP has been restored following a thorough internal review.
OPM spokesman Sam Schumach highlighted e-QIP’s speedy return in a recent statement: “The system has been brought back online less than four weeks after being taken down, and OPM is working closely with agencies to re-enable e-QIP users incrementally in an effort to resume this service in an efficient and orderly way.”
Working closely with the Department of Homeland Security (DHS) and the Office of E-Government and Information Technology (E-Gov), the OPM increased safeguards against external threats, boosted password protections and made it safer to exchange data within e-QIP. Furthermore, Schumach expressed the OPM’s “confidence” that e-QIP was resuming as a far safer application.
Shortly after the OPM breach, the agency announced that it had identified an area of weakness with e-QIP, an administrative tool used for the submission of background-information forms. Following the decision to temporarily pull the plug on e-QIP, then-director of OPM Katherine Archuleta explained that the system was taken offline as a precautionary measure, not because it faced a specific threat.
“The security of OPM’s networks remains my top priority as we continue the work outlined in my IT Strategic Plan, including the continuing implementation of modern security controls,” Archuleta said in a statement. “This proactive, temporary suspension of the e-QIP system will ensure our network is as secure as possible for the sensitive data with which OPM is entrusted.”
FedScoop reports that Archuleta ordered agencies to use physical forms while the system was offline and a security assessment was performed. Schumach referred to this as part of “a set of interim procedures to address agencies’ requirements and reduce the likelihood of interruptions in the on-boarding of employees while prudently minimizing any security risks,” FedScoop adds.
The strong response to e-QIP was a necessary step taken to make sure it’s functioning at the highest — and safest — level.