You are here

Security Clearance Reform: More Questions than Answers


By Joe Benson

This month I am sharing a slightly abridged version of an article written by Amber Corrin and published in Federal Computing Weekly (FCW). This is important
to you for a few reasons. First, I want to illustrate how complex this (not so new) issue is. There are no quick or simple solutions despite any suggestions to the contrary from political or public knee-jerk reactions and sound-bite reporting. Second, as DoD contractors who hold clearances, this directly affects each of us. The need for us to obtain and maintain security clearances is paramount to working in the Federal sector. Increased scrutiny on existing processes, introduction of changes or new regulations, and other changes will likely result in investigations and adjudication decisions taking even longer. We need to stay informed and aware of clearance reform efforts and be prepared to adapt to changes and ensure uninterrupted support to our government customers.

The full article can be found here.

There has been a lot of talk but little action on changes to the security clearance process in the four months since the Navy Yard shooting.
It has been more than six months since the Navy Yard shooting,
more than eight since the Edward Snowden insider leaks began and four years since Bradley (Chelsea) Manning downloaded the first of hundreds of thousands of documents for illegal release. But the security clearance process that granted access to three of the most serious breaches of government trust in recent memory remains troubled. Calls to reform the processes behind security clearances are not new, but they have been ratcheted up in a new era of insider threats. But there are no clear solutions to fixing the system, and it would seem that questions outnumber answers.

“You can see the magnitude of what we’re dealing with” in the cases
of Snowden, Manning and Navy Yard shooter Aaron Alexis, said Rep. Rob Wittman (R-Va.), as part of a panel convened by the Congressional Smart Contracting Caucus in Washington on Jan. 28. “People question, how did that person get a security clearance? What due diligence did the contractor do to make sure that didn’t happen? What happened within [the Office of Personnel Management] to manage this process? All those are questions that come up when we see these things happen around us, and they make all of us question the system.”

There is plenty of debate about options, such as
changing the frequency of background checks,
automating information-gathering processes and
centralizing data. But even the proposed solutions 
themselves come with numerous questions about how to implement any changes.

“We have to do some reflection. How well does the actual background check work?” asked another participant, Virginia Democratic Rep. Gerry Connolly. “What reforms are going to be needed? Does the current system of five to 10 year [interims between checks] work? Or should we move to continuous evaluation, and aren’t there problems with that too?”

Connolly noted the potential for over-reaction – say, to a late credit card payment that ends up jeopardizing someone’s clearance unnecessarily – and he questioned the ability to handle and sort the data accompanying the roughly five million people holding security clearances today.

With such serious consequences on the line, anything less than perfection could be deemed a failure, which makes the reform efforts that much more complicated. Combined with timeliness issues – including a presidential directive to examine clearance processes after the Navy Yard shooting – and constrained budgets, officials need to look deep for solutions.

“We want it done better, we want it done faster, we want it done cheaper
– we would all agree to that, but that involves a real hard look at what flexibilities exist in the system to increase efficiency and do things like drive automation,” said Joe Jordan, public sector president at FedBid and former administrator at the Office of Federal Procurement Policy.

Besides the need to digitize information-sharing, narrowing the numerous entities involved and establishing reciprocity are at least part of the answer, Jordan added.

Many of the proposed solutions rely on the use of IT – automation, continuous evaluation, shared data banks between agencies – but it’s not an easy transition to make.

“The information technology space is thought to be the one [critical area]. That’s the one that needs the most attention and is the hardest to get,” said John Fitzpatrick, director of the information security oversight office at National Archives and Records Administration.

It also is not a new area to be explored by the government. The use of technology has been studied, including by federal entities, to little avail, noted Brenda Farrell, director of defense capabilities and management at the Government Accountability Office.

“A lot of these visions weren’t realized because they didn’t have a target. ... It’s very important for the next reforms that goals are clear, who’s in charge is clear and there are metrics. One metric to measure the reform efforts, and one to measure whatever phase we’re trying to improve,” Farrell said.

Final FSO thoughts: This article generated a lot of discussion and comments. A follow-on piece was published here, which outlined one of the fundamental issues; simply obtaining investigation data. Regardless of any reform efforts, investigations needs to take place and access to data and references are at the core of successful completion.