Wrong - it wasn't that simple.
In December 2007, the city's Human Services Agency (HSA) experienced a
power outage. When power was restored, its computers could not connect to
FiberWAN—the configurations of its CE device had been erased because they had been
saved to VRAM. Childs reloaded the configurations and got the system reconnected.
When the HSA information security officer learned that the CE configurations had been
stored in VRAM, he protested to Childs that this was unacceptable. Citing security
concerns, Childs explained that he wanted to prevent a physical connection to the CE that
would allow someone to obtain the configurations using the password recovery feature.
He suggested disabling the password recovery feature instead; the information security
officer agreed. Tong also agreed to this solution, as it would address a concern about
hacking into the HSA's CE device. Soon, Childs disabled the password recovery feature
on all CE devices citywide, and there were no backup configurations on any of the city's
CE devices. As the password recovery feature could not be disabled on core PE devices,
Childs erased their configurations that had been stored on NVRAM.