Tuesday, January 22, 2008

The Missing White House E-Mail Tapes

Claims of missing e-mails tapes flies in the face of professional data center practices.

A recent issue of the Washington Post (available here) contains an article about missing White House email backup tapes under the headline “White House Study Found 473 Days of E-Mail Gone.” The article cites White House chief information officer Theresa Payton who stated that “e-mail backup tapes were routinely "recycled" during the first three years of the Bush administration.”

Current discussions in the press about the missing White House email backup tapes operate under the mistaken assumption that enterprise data backup strategies are like home video taping. The White House claims that the backup tapes of emails were inadvertently reused, the way someone at home may inadvertently use a wedding tape to record the Super Bowl. That’s not the way it works.

I have worked in some capacity in information technology for the last 30 years. From the perspective of generally accepted IT practices, Payton’s explanation about the absence of backups for key time periods and especially for a large block of time from between 2003 and 2005 makes no sense at all.

Any professional information technology operation will follow a backup scheme that is some variation of the following:

• You backup your email servers every day, using different tapes for each day. Some organizations back up more than once a day if the volume is large enough or the material important enough.
• At the end of the week you take a master backup of everything and send it off site for permanent storage
• At that point you begin reusing your backup tapes for the new week.

Sometimes weekly backups are kept onsite with monthly backups sent to permanent storage. While it may be possible under these types of schemes to lose some data (though highly unlikely) it is almost impossible to lose a whole year’s worth of data unless the backup procedure has been compromised, or specific orders are given to delete certain information

Furthermore, no IT technician or manager would take it upon themselves to change backup procedures without explicit orders from their superiors. Someone gave the orders to change backup strategy or to destroy specific tapes. The documentation of those orders may be gone, but the people remain.

The White House’s current denial that any backups are missing can be easily verified by a standard technology audit. If I were House Oversight and Government Reform Committee Chairman Henry A. Waxman, I would obtain a list of all present and former White House data center technicians, and one-by-one, under oath, I would ask them who gave the order to change backup procedures, or the order to delete certain tapes. I would follow the IT chain of command as far as it goes.

Deletion of data, including presidential e-mails, is a form of industrial espionage. If the White House can’t prevent this sort of terrorism within their own staff, how can they protect us from foreign terrorists?

1 comment:

Anonymous said...

Great stuff. Admirably fine performance!