One of the more striking differences (to me, anyway) is the general attitude towards our network ID cards. All the government computers in the office are equipped with card reader USB devices, and everyone who works here is issued an encoded electronic card that gets slotted into the reader whenever you want to log on to the computer. No card, no access, blah blah blah, is a pretty standard security measure and they generally impress upon everyone how important it is to keep careful track of your card. If you lose it, it is a big unpleasant rigmarole to get another one.
I had one at the first gig, turned it in at the end of the contract, and got a new (identical) one for my current gig. The difference, as I said, is in how the two different offices approach the issue of “keeping careful track”.
At the first gig, they were hyper-obsessed with the security of the access cards, which may very well have been due to the fact that it was a young agency and thus trying very hard at the organizational level to be compliant with the letter of every law while struggling every day to justify its own existence. That agency had a Chief Information Officer (the head of IT) and a Chief Security Officer who had cause most days to move about the office building from floor to floor, roaming the rows of the cubicle farms, in the course of their duties. As they traversed the office, they would glance into every empty cubicle and open office, to see if the person who worked there had properly locked their computer and taken their access card with them when they stepped away. If the access card was sitting unattended in the reader, the CIO or CSO would take it. Yoink! And when you got back to your desk you would find yourself unable to unlock your computer and do any work, until you went to the CIO or CSO and got your card back. And of course they would let you wriggle on the hook for a while, and extract repentance and promises to never do it again, with something approaching sadistic glee. (Ah, government lifers.) The CIO and CSO had actually turned card-harvesting into an ongoing friendly wager, and they would compare how many each of them yoinked every week, and whoever had yoinked the most in a given month would win a lunch off the other. When I worked that gig I literally worked in a constant state of queasy fear that I would accidentally forget to take my card with me if I so much as ran to the water cooler, and I never deliberately left it sitting in the reader unattended. Once in a while I did forget, and more than once I placed a panicked cell phone call after I had left for the day to ask one of my nearby colleagues to grab the card I had absentmindedly left behind, because it was far better to retrieve the card from a co-worker than from the cackling Torquemada-esque CSO or CIO. I repaid those kindnesses myself a few times, as well, securing someone else’s card to save it from the roving officers of doom. It was very much an us-vs.-them mentality.
But that was then, and this is now, and I realized recently that at the current gig I can brazenly leave my card in the reader and wander to the mini-fridge, or the printer, or even as far away as the restroom, and no one is going to do any yoinking whatsoever. The general rule about securing your card at all times is as much in effect here as it was in the environment I first learned it, but there’s no enforcement here, no ever-present specter of fearsome security vengeance. And it’s quite nice to be able to breathe easy on that front after nearly three years of low-grade subliminal dread.
So of course, no sooner do I think that than I commit TWO completely different glaring security violations in rapid succession. You are going to accuse me of manipulating the timeline of events here to suss out a compelling theme for this post, but I swear this is how it went down.
I actually have two computers at work, one connected to a non-secure network and the other to a security-clearance-required network. The high-security machine has a removable hard drive which is supposed to be stored in a locked file cabinet every night. I’ve always been compliant with that until last night, when I left for the day without locking up my high-security hard drive. So when I came into work this morning, the hard drive was gone, and a note was on my machine, signed by a co-worker who had locked away my hard drive for me. All in all, that’s not the end of the world, but it’s embarrassing (it caused me to wriggle on my own hook, I guess) and a little inconvenient, because my colleague came in later than I did and I had to wait on him to get the drive back. But ah well.
Then, around 10 o’clock this morning, there was a safety drill for the entire office building. It started out as a “shelter in place” drill in which everyone was supposed to grab their safety hoods (which are low-tech items consisting of a plastic bag, a chemical-filtration brick and a snorkel mouthpiece that are supposed to buy you enough time to get out of a building filled with toxic smoke, and which became standard-issue after 9/11, no joke) and gather in the conference room because it is “away from exterior windows”. Fortunately we did not have to put the hoods on, just carry them, sit, and wait. (I spent about ten minutes deleting text messages from my cell phone, where I had somehow stockpiled about a hundred and sixty or so.) The “shelter in place” segued into a more traditional fire drill involving evacuating the building via the stairwells and then proceeding to the alternate assembly point – usually we assemble at the courtyard of the next office building up the street but I learned today that the alternate point is a small park about three blocks away, right at the foot of the Key Bridge. When we got to the park, I wandered around looking for my team but not looking terribly hard. Eventually I found them, and that’s when I was informed that I’m the most non-compliant punk ever to take up space in a federal place of employment. (OK, those exact words were not spoken per se, but the implication was pretty clear.)
For one thing, there is a sign-in sheet for the office where everyone is supposed to mark themselves as present every day they are in the office. For months when I first started camping out at this particular desk I had no idea this sign-in sheet existed, but someone finally hipped me to it recently, and I did actually start signing in. But I forgot to do so today (and combined with forgetting to put away my hard drive last night, this really makes me start to wonder why I’m in such a daze at work this week), and again that wouldn’t be a terribly big deal, but the primary purpose of the sign-in sheet is so that if anyone needs to do a headcount – say, just as a random example, once everyone reaches the assembly point during a fire drill – the headcounter knows whose heads to look for and who isn’t even around to be counted. Not only had I not included myself for disaster-readiness headcounting, which was mitigated slightly by the fact that everyone on my team saw me sheltering in-place in the conference room, but then I was extremely lackadaisical about checking in at the park, which is something we are all supposed to take responsibility for as well. Apparently. Again, I was never really given a proper orientation for these kinds of things anyway.
So I’m not going to get my Make-Believe Chemical Attack Merit Badge, it seems. Or if I do, I’ll know that’s a sure sign I’m about to get relocated to a different office anyway.
No comments:
Post a Comment