As the U.S. government reforms its security clearance process, it must address the use of publicly available electronic information (PAEI)—specifically social media and commercially available databases—for personnel security determinations and insider threat purposes, according to a new white paper issued by the Intelligence and National Security Alliance (INSA).
The Use of Publicly Available Electronic Information for Insider Threat Monitoring, developed by the INSA Insider Threat Subcommittee, recommends the Director of National Intelligence, as the government’s Security Executive Agent, work with the Defence Department, which will assume government-wide investigation and adjudication responsibilities, to take several key steps, including:
- Determine what sources of publicly available information are relevant to security determinations;
- Develop a single legal interpretation of what PAEI, including social media data, may be collected and analysed for personnel security purposes; and
- Establish policies for how PAEI, including social media data, may be used for security-related personnel determinations.
Balancing security needs with privacy
To do so, the government must determine what PAEI constructively informs a risk assessment, what types are appropriate to use, and how to use such data to make both initial and ongoing assessments.
“Organisations would be irresponsible to ignore publicly available data when assessing personnel security risks, but it’s neither productive nor desirable to collect every piece of information that might exist,” said Chuck Alsup, INSA president.
“The DNI should lead a government effort to determine what data is relevant, how to interpret it, and how to balance security needs with employees’ reasonable expectations of privacy. Private companies can then build on policies and standards set by the government to develop their own practices.”
Determining potential threats
Defined as information that is available to the public on an electronic platform such as a website, social media, or database (whether for a fee or not), PAEI can provide insights into an individual’s perceptions, plans, intentions, associations, and actions. This data can help employers determine whether an employee poses a potential threat to themselves or the organisation.
Criteria for evaluating social media may be particularly difficult to establish, both because social media postings may not clearly indicate potential security risks and because social media monitoring by an employer may be seen as overly intrusive.
“Companies are struggling to develop strategies to leverage the significant value that public data provides to insider risk mitigation, particularly as the ‘borderless work environment’ expands,” says Val LeTellier, principal author of the report and member, INSA Insider Threat Subcommittee.
“The report provides a framework of the most important factors to consider when developing culturally viable and operationally effective policies. To use PAEI effectively, government agencies and private firms need a single set of parameters for what data to use and how to evaluate it.”