Information Security: Actions Needed to Better Protect Los Alamos National Laboratory's Unclassified Computer Network, Report to Congressional Committees, U.S. House of Representatives [open pdf - 533KB]
This report, published by the Government Accountability Office (GAO), "(1) assessed the effectiveness of the security controls LANL has in place to protect information transmitted over its unclassified computer network, (2) assessed whether LANL had implemented an information security program for its unclassified network, and (3) examined expenditures to protect LANL's unclassified network from fiscal years 2001 through 2007. To carry out its work, GAO examined security policies and procedures and reviewed the laboratory's access controls for protecting information on the unclassified network. GAO recommends, among other things, that the Secretary of Energy and the Administrator of NNSA require the Director of LANL to (1) ensure that the risk assessment for the unclassified network evaluates all known vulnerabilities and is revised periodically and (2) strengthen policies with a view toward further reducing, as appropriate, foreign nationals'-- particularly those from countries that DOE has identified as sensitive--access to the unclassified network. NNSA did not specifically comment on GAO's recommendations but agreed with the conclusions. [...] The Los Alamos National Laboratory (LANL), which is operated by the National Nuclear Security Administration (NNSA), has experienced security lapses protecting information on its unclassified computer network. The unclassified network contains sensitive information."
Government Accountability Office: http://www.gao.gov/