Blog

 
     

Congressional IT Contractor Didn’t Pass a Background Check

By Michael Klazema on 5/15/2018

An IT contractor who had access to email servers for United States House of Representatives members worked without a background check, according to a report from security and risk management publication CSO. The contractor, Imran Awan, is currently facing fraud charges and a class-action lawsuit.

Emails leaked as part of the 2016 Democratic National Committee (DNC) hack indicate Awan was a go-to source when members of the House of Representatives needed IT assistance. Reps would contact Awan if they forgot their passwords. The CSO article indicates roughly 80 members of Congress had contact with Awan over the years.

Given this role and its inherent access to sensitive information, Awan appeared to be in line to obtain a government security clearance—or at least undergo a thorough background check. According to CSO, workers who are members of the “Congressional administrative staff” are not required to obtain national security clearances but are expected to undergo background checks. The Committee on House Administration guidelines include a section concerning shared staff—the category into which Awan would fit—and the vetting expectations for those employees.

Based on Congressional guidelines, Awan should have at least passed a “Capitol Police Criminal History Records Check.” This type of check would be the equivalent of a state criminal history check for the District of Columbia. The CSO article does not mention whether Congressional administrative staff are supposed to have any screenings beyond this criminal check—such as criminal searches outside of Washington, D.C.employment verification checks, or identity checks.

Why was Awan’s background check overlooked? The answer might be found in the wording of the Committee on House Administration guidelines. The guidelines state “it is recommended that Member and Committee offices” request a background check for shared employees due to the sensitive information those employees often access during their work. “Recommended” is the key word in that sentence: Congressional departments are not technically required to conduct background checks on shared administrative staff.

When authorizing someone to provide IT services, a House member can conduct the background check, but they can also check a box that says, “I have verified that a trustworthiness determination has been made on behalf of this shared resource by another Member.” In other words, if another member has already run a background check on a “shared resource,” that member can offer an attestation of trustworthiness for the resource.

Evidence shows many Congress members used this method to approve Awan to provide IT resources. However, no one could identify who initially attested to Awan’s trustworthiness, which means no one can verify a background check ever took place.

Awan is currently under investigation for bank fraud and potential involvement in a “cyber breach operation” during his time as a Congressional aide. There have also been accusations that Awan accessed information or servers he shouldn’t have, something that may have been prevented had he been required to pass a background check.

 

Sources: 

https://www.csoonline.com/article/3268236/security/no-congressional-background-check-for-it-contractor-charged-with-fraud.html

http://www.foxnews.com/politics/2018/05/04/ex-dem-it-aide-imran-awan-s-case-hit-with-repeated-delays-as-feds-probe-new-allegations.html


Tag Cloud
Categories
Recent Posts

Latest News

  • November 20 The #MeToo movement is bringing about legislative changes employers need to know about. We review some of the laws recently passed in California.
  • November 15

    Replacing an inconsistent array of procedures, Ontario's government has passed into law a reform act intended to clarify how police departments should handle requests for information to be used in background checks. 


  • November 14 The federal government has vowed to cut its backlog of security clearance background checks in half by spring. Currently, the backlog is approximately 600,000 names strong.
  • November 08 A Texas-based company was found to be supplying landlords with inaccurate background check results, potentially affecting housing decisions. The company must pay a record-setting settlement.
  • November 07 Orange Leaf Frozen Yogurt brand trusts backgroundchecks.com to perform the crucial function of background checks on job candidates before extending offers of employment.
  • November 06 The man previously responsible for running background checks on New York City’s school bus drivers says the city’s Department of Education has been pushing back against more thorough checks. The DOE reportedly circumnavigated proper bus driver vetting channels for most of the spring and summer this year.
  • November 06 If you have a series of speeding tickets or other traffic violations, do you need to disclose them as criminal history?
  • November 01 South Carolina's legislature recently adopted a measure to expand access to expungement opportunities for the state's ex-convicts, but other gaps in the process remain. Advocates disagree on how to address the problem to protect offenders as well as the public.
  • October 31 Background checks will show different things depending on the type of check. Here are a few ways employers can use background checks to learn about candidates.
  • October 30 The Pentagon recently disclosed a breach that exposed the personal information of roughly 30,000 personnel. The government blamed the breach on a contractor, calling into question background check policies for federal government vendors.