Jul 26, 2004I received an e-mail from a reader this week commenting about the recent news reports that Sandy Berger, a national security adviser under President Bill Clinton, was under investigation for taking top secret documents from the National Archives. My correspondent's son had asked him: "Why don't they track the documents with RFID?" He didn't have a good answer and wanted to know if I did.
It's a good question, and I don't have a good answer, either. I have long argued that companies should use RFID technology and so-called smart seals—seals that communicate via RFID tags when a container is opened without authorization—to secure cargo. And it makes a great deal of sense to track sensitive documents, electronic storage devices, computers and other important assets with RFID.
Los Alamos National Laboratory, which does a lot of highly sensitive research for the U.S. government, recently revealed that it could not account for two computer disk drives. The lab believes they were destroyed according to normal procedures, but there’s no record that they were destroyed. This potentially dangerous human error led the Energy Department to halt nearly all classified work using removable computer storage devices at all of its labs so the department could review security procedures. (The lab doesn't just erase the drives for fear that some sensitive data could be recovered from an erased drive.)
The Federal Bureau of Investigation hasn't done a very good job of tracking its assets, either. Back in 2001, a routine audit found that the top law enforcement agency in the United States was missing more than 500 firearms and 184 laptops. Oops.
It's easy to snicker at this king of bureaucratic bumbling, except companies suffer from exactly the same problem. About 10 years ago, I did an investigative report on how companies steal competitive secrets from one another. One common tactic was to get a mole hired at a competing company. The mole was usually a janitor. At night, when the office was being cleaned, the mole would steal the laptops of key senior executives. He would take a few other laptops randomly to make it look like an ordinary theft and not industrial espionage.
RFID can prevent the theft of laptops and documents, and it can also reduce the time wasted looking for important documents. Senior editor Jonathan Collins recently wrote about a national law firm in the United States that dramatically improved efficiency by using RFID to track files (see RFID Brings Order to the Law). Some "chipless" RFID systems can even prevent unauthorized photocopying of sensitive documents (see Firewall Protection for Paper Documents).
So why don't government agencies and companies use RFID to secure sensitive assets? I think it's because they have a lot of other more pressing issues, and until a problem arises, people don't think they have to spend money on RFID for security. Los Alamos is now looking at using RFID to track hard drives and make sure they are disposed of properly. And I was recently contacted by someone from the National Archives looking for advice on how to use RFID to secure documents.
So the question senior executives should ask themselves is this: Should I wait until secrets are lost or stolen to deploy RFID technology, or should I consider using it today to avoid what could be a very serious problem? I bet even my e-mail correspondent's son knows the right answer to that one.
Mark Roberti is the founder and editor of RFID Journal. If you would like to comment on this article, click on the link below.