By Libby Lewis, CNN
Editor's Note: Listen to the full story in our player above, and join the conversation in our comments section below.
(CNN) – You may know that Edward Snowden was a system administrator for the NSA contractor he worked for – Booz Allen Hamilton.
You may even know that system administrators are responsible for nearly a third of the data breaches committed by insiders, because, as computer security expert Robert Richardson puts it, “they hold the keys.”
But here’s one thing you might not know: Snowden didn’t need the authority and access that he had to do his job.
Richardson, who is editorial director of a website called Search Security.com, says:
“You would expect for him to have been prevented by encryption or other means from actually seeing the contents of these documents. From what I understand, he wasn’t somebody that was interpreting the information. Therefore there was no particular reason that he should be able to read it.”
Another big question, and it’s something that investigators are intently focused on right now: why was Snowden able to copy those files?
“Increasingly, organizations are using tools like data loss prevention – the idea there is not that he doesn’t have access to it, but when he tries to copy it to a USB drive to take to Hong Kong, we’re going to catch that…”
If a lot of private companies are using data loss protection tools, you would think the NSA would be, too.
So this all raises questions about internal security within the NSA and its contractors. And wouldn’t you know it? NSA Chief Keith Alexander will be on Capitol Hill on Wednesday.