Moderator: Should we be doing security clearances or background checks for people who are responsible for systems?

Julie Leeper: In the Office for Technology, all of our professionals are ID'ed and fingerprinted. It's not an overall statewide policy, but I've worked in four agencies and in two of those four agencies fingerprinting was a policy if you were in a policy-making position or a steward of data of any secure nature. So I think that's already happening in a lot of agencies.

Alex Roberts: It's often quoted that greater than 80 percent of all security intrusions and threats take place from internal employees. But I think we will also find that in a vast majority of those cases there is no prior criminal record or prior criminal history. That doesn't necessarily mean that that's an indication of the security worthiness of an employee. That's why we train employees in the appropriate use and signs of abuse of information. Now on the issue of staffing, frequently we think of government agencies in terms of their service missions. But most, if not all, of our governmental institutions today are critically involved with information, not just services. The services depend on information and information systems. And we can't stint the human beings that run those information systems or keep them from moving forward without having an impact on the bottom line of the services.