"This involuntary resignation is the result of SSA's actions against me, which make my duties impossible to perform legally and ethically, have caused me serious attendant mental, physical, and emotional distress, and constitute a constructive discharge. After reporting internally to management and externally to regulators serious data security and integrity concerns impacting our citizens' most sensitive personal data, I have suffered exclusion, isolation, internal strife, and a culture of fear, creating a hostile work environment and making work conditions intolerable."
"bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost."
"Bisignano wrote that "all employees are required to go through a vetting process prior to being granted access to SSA information systems" and "are granted the appropriate permissions to perform their work" based on their job functions. He said the agency's "AWS cloud environment is audited yearly to ensure these controls are implemented and maintained.""
SSA requires employees to undergo vetting before receiving access to information systems and are granted permissions aligned to job functions. The agency states its AWS cloud environment is audited yearly to ensure those controls are implemented and maintained. A whistleblower alleged that SSA violated the Federal Information Security Modernization Act by knowingly placing a High-Value Asset containing data on over 450 million people in an uncontrolled environment. The Government Accountability Project warned that access to that cloud could enable widespread identity theft, loss of healthcare and food benefits, and potentially require re-issuing Social Security Numbers. The whistleblower said he resigned involuntarily, citing constructive discharge and a hostile work environment.
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]