NSA leak puts focus on system administrators

By Christopher Drew and Somini Sengupta, The New York Times | Updated: 24 June 2013 11:45 IST
Edward J. Snowden, the former National Security Agency contractor who leaked details about American surveillance, personifies a debate at the heart of technology systems in government and industry: Can the IT staff be trusted?

As the NSA, some companies and the city of San Francisco have learned, information technology administrators, who are vital to keeping the system running and often have access to everything, are in the perfect position if they want to leak sensitive information or blackmail higher-level officials.

"The difficulty comes in an environment where computer networks need to work all the time," said Christopher P. Simkins, a former Justice Department lawyer whose firm advises companies, including military contractors, on insider threats.

The director of the NSA, Gen. Keith B. Alexander, acknowledged the problem in a television interview on Sunday and said his agency would institute "a two-man rule" that would limit the ability of each of its 1,000 system administrators to gain unfettered access to the entire system. The rule, which would require a second check on each attempt to access sensitive information, is already in place in some intelligence agencies. It is a concept borrowed from the field of cryptography, where, in effect, two sets of keys are required to unlock a safe.

From government agencies to corporate America, there is a renewed emphasis on thwarting the rogue IT employee. Such in-house breaches are relatively rare, but the NSA leaks have prompted assessments of the best precautions businesses and government can take, from added checks and balances to increased scrutiny during hiring.

"The scariest threat is the systems administrator," said Eric Chiu, president of Hytrust, a computer security company. "The system administrator has godlike access to systems they manage."

Asked Sunday about Alexander's two-man rule, Dale W. Meyerrose, a former chief information officer for the director of national intelligence, said, "I think what he's doing is reasonable."

"There are all kinds of things in life that have two-man rules," added Meyerrose, who now runs a business consulting firm. "We've had a two-man rule ever since we had nuclear weapons. And when somebody repairs an airplane, an engineer has to check it."

John R. Schindler, a former NSA counterintelligence officer who now teaches at the Naval War College, agreed that the "buddy system" would help. "But I just don't see it as a particularly good long-term solution," he said.

"Wouldn't it be easier to scrub all your ITs for security issues," he asked, "and see if there is another Snowden?"

The two-man rule "has existed in other areas of the intelligence community for certain exceptionally sensitive programs where high risk was involved," he said, "but it's not a standard procedure."

Meyerrose and Schindler both said that software monitoring systems can also help, though they can be evaded by a knowledgeable systems administrator. The biggest issue for government and industry, they said, is to vet the IT candidates more carefully and to watch for any signs of disillusionment after they are hired.

"It's really a personal reliability issue," Meyerrose said.

Insiders of all types going rogue have become a problem for the government and industry over the last decade. One of the most prominent is Pfc. Bradley Manning, who downloaded a vast archive of American military and diplomatic materials from his post in Iraq and gave it to WikiLeaks. But there have been others, including scientists and software developers who stole secrets from American companies where they worked and provided them to China.

Now the spotlight is on the system administrators, who are often the technology workers with the most intimate knowledge of what is moving through their employers' computer networks.

Beyond their store of technical manuals to keep the system running, administrators at intelligence agencies can have access to specific top secret programs without necessarily being cleared for them, as other intelligence agents must be.

If they can get into one part of the network with credentials for what is called "root access," they can get into almost everything else. They are known as the "super user."

Since 9/11, the vast majority of IT experts in the intelligence world have worked for private contractors, and the Snowden case has set off a new debate about whether the government could have more control of the workers if they were direct employees.

"This is a dirty little secret that's being revealed," said Robert Bigman, a former chief information security officer at the Central Intelligence Agency. "When you log on with a root account, it doesn't know if you're staff employee or a contract employee. It just knows you're root. You're known as a super user. You have all privileges."

At a New Jersey pharmaceutical firm in early 2011, a former IT administrator gained access to the company's system, deleted several files - including those that tracked customer orders - and froze the firm's operations for several days, causing $800,000 in damages. Prosecutors called it a revenge attack after the company, Shionogi, announced layoffs. The administrator, Jason Cornish, pleaded guilty in August 2011.

And in 2008, a network administrator for the city of San Francisco named Terry Childs found out that he was about to be laid off and modified the city's network in such a way that only he held the password. He refused to hand it over for 12 days, effectively disabling everything from the mayor's email to the city's payroll records.

© 2013 New York Times News Service
