Safeguarding protectively marked documents: a PHYSEC case study
This case study looks at the importance of safeguarding protectively marked documents.
Themes covered include:
- reporting breaches or security incidents regardless of how minor they seem
- security clearance suitability
- influence of emotional instability and stress.
Scenario – what happened
John, a government employee, is working into the early evening to finish a protectively marked project that has taken several weeks to complete.
It is the end of the week and John is feeling particularly stressed about meeting his deadline and leaving the office in time for a dinner appointment.
When John realises he’s running late for his appointment and doesn’t have time to store his project documents in the locked safe, he decides to leave the office and take the protectively marked documents with him.
John catches a taxi to his appointment but accidently leaves his briefcase containing the protectively marked documents in the taxi.
It is a Friday night. John waits until he returns to work on Monday morning before calling the taxi company.
The taxi company is able to locate the driver and confirm the driver is in possession of John’s briefcase.
John contacts the driver directly who says he will return the briefcase midweek. The briefcase and the protectively marked documents are finally returned to John on Wednesday.
John does not mention the incident to his CSO or manager, feeling relieved the documents are back in his possession. He does, however, mention what happened to a colleague. They agree to dismiss the incident because the documents have been returned.
However, the taxi driver has not only copied the documents before returning them to John, but also has John’s work contact information.
John begins to receive phone calls from the driver demanding that John give him money in exchange for the document copies.
Lessons learned – what should have happened
John and his manager made three wrong turns in this scenario.
John should have:
Locked away the protectively marked documents before leaving the office
Physical security can be inconvenient but it is essential. Protectively marked documents should always be locked away when not in use and should never leave an agency premises unless absolutely necessary, i.e., for a meeting, in which case, appropriate carriage procedures should be used.
John and his colleague should have:
Reported the incident
Breaches or security incidents should always be reported to a CSO and/or manager regardless of how minor the incident seems or if the incident appears to have been resolved. Some types of security incidents must be reported, ie, incorrect handling of protectively marked information, criminal or natural occurrences such as fire or storm damage.
John’s manager should have:
Talked to John about stress and his workload
As part of the ongoing personnel security clearance management process, managers should be aware of, identify and assess any issues that affect an individual’s suitability to hold a security clearance and protect protectively marked information. This includes the identification and management of emotional instability and stress.
Page last modified: 5/08/2019