At SEC: Porn Surfing Down, Waste Up, Stunning Disregard For Basic Computer Security

from the 'password'-is-not-a-good-password dept

If you had asked us two years or two months or two days ago if we thought that there would be a time in the near future when Securities and Exchange employees would not be regularly reprimanded for watching porn on their work-issued computers for 98 percent of the workday, we would have said absolutely not. No judgment, but in our professional opinion, people do not go from, among other things:



* Receiving “over 16,000 access denials for Internet websites classified by the Commission’s Internet filter as either “Sex” or “Pornography” in a one-month period”



* Accessing “Internet pornography and downloading pornographic images to his SEC computer during work hours so frequently that, on some days, he spent eight hours accessing Internet pornography…downloading so much pornography to his government computer that he exhausted the available space on the computer hard drive and downloaded pornography to CDs or DVDs that he accumulated in boxes in his office.”



…to living a porn-free existence at l’office.

Several Securities and Exchange Commission staffers responsible for monitoring the markets and exchanges broadly misused computer equipment to download music and failed to properly safeguard sensitive information, a report has found.

The report also found that the staffers failed to protect their computers and devices from hackers, even as they were urging exchanges and clearing agencies to do just that.



Although no breaches occurred, the staffers left sensitive stock exchange data exposed to potential cyber attacks because they failed to encrypt the devices or even install basic virus protection programs.

The report says the staff may have brought the unprotected laptops to a Black Hat convention where hacking experts discuss the latest trends. They also used them to tap into public wireless networks and brought the devices along with them during exchange inspections.

[T]he full report... details an even broader array of problems, from misleading the SEC about the office's need to buy Apple Inc products, to cases in which staffers took iPads and laptops home and used them primarily for pursuits such as personal banking, surfing the Web and downloading music and movies.



Rymer found that the office did not have any planning or oversight into its purchases of computer equipment. From 2006 through 2010, the office got permission to spend $1.8 million on technology devices.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

An internal investigative report of the SEC's Trading and Markets division has been recently been reviewed by Reuters. After reading its rundown of the misdeeds and abuses uncovered , I'm left with the urge to laugh maniacally in the manner of someone having just cleared the tipping point and now sliding irretrievably into insanity. The sheer irresponsibility on display here springs from the sort of irredeemable carelessness that comes with spending other people's money (taxes) and operating without any credible oversight or accountability (a large percentage of government entities).Bess Levin at Dealbreaker points out that while the SEC's internal investigation may have turned up several misdeeds , ranging from the merely stupid to the positively horrendous, it isa step up from the insatiable pornhounds that used to populate the Commission:Truly a mind-boggling set of employees. One regional staff accountant ran into the "no-porn" wall 1,800 times in a, yet remained undeterred. Those caught accessing porn with ridiculous frequency cited the "stress" of their jobs as the underlying reason for the nearly uninterrupted pornathons.But this porn-heavy chapter in the SEC's history is now behind them, according to an internal investigative report viewed by Reuters. Moving boldly forward, the SEC has apparently ushered in a new wave of semi-competence, the sort befitting an agency that is entrusted with keeping our financial systems free of corruption. So, how is the New, Improved SEC doing?Well, that's one strike for infringement and one strike for. "Securing information" seems to be something the SEC's Trading and Markets division is particularly bad at. To say this is ironic would be a colossal understatement, considering the government's current obsession with all things "cyber."Considering the amount of sensitive information the SEC has access to, it's stunning that the barest minimum of precautionary measures were never taken. This protection-free era of SEC computing occurred during the same period the SEC was issuing guidelines for public companies to follow when reporting security breaches to investors.In addition to this complete disregard for basic security, the SEC Tradings & Market Division was handed a blank check to purchase equipment, leading to some unsurprising abuse.As Levin points out, it's an upgrade from the staff's former pornaholic ways but this report gives off the impression that staffers have simply foundways to screw up. Would that this report contained anything truly surprising, but it's more of the same. It's not that all government entities are shot through with bumbling fools and opportunists looking for some power to abuse. Individually, there are plenty ofpublic servants. But as an aggregate, nearly every derogatory cliche of government work (and government employees) can be proven true.At the very least, I suppose we (the peoplethe taxpayers) can be grateful thatis looking into this and, better yet, ushering it out of the darkened hallways of regrettable governance and into the harsh sunlight of public appraisal. But with progress so incremental it barely fits the definition, there's still a long, hard road ahead that will demand the full attention of those tasked with shepherding the (mostly) unwilling herd.

Filed Under: porn, sec, security