|
||
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: |
U.S. FEDS FALL SHORT ON COMPUTER SECURITYSource: United Press InternationalPosted on June 12, 2007 The 24 U.S. federal agencies continue to have significant weaknesses in protecting their information systems from intruders. While the high-profile loss of laptops and computer storage devices with sensitive data like Social Security numbers receive much public attention, the Government Accountability Office says there are other ways - less noticeable but equally dangerous - that federal computer systems are left vulnerable by the people assigned to secure them from intruders. The GAO says 22 of 24 federal agencies fall short in computer security, and the inspectors general of a majority of the agencies dispute the data they offer to demonstrate they are complying with information security best practices. For instance, 19 agencies report that between 96 percent and 100 percent of their employees receive information security awareness training. The inspectors general report that number at just 10 agencies. Another 10, according to the IGs, have trained between 81 percent and 95 percent. The IGs and agencies agree that at two offices 71 percent to 80 percent of the employees have received the training. The IGs report that at two other agencies - all of which are unidentified in the report - fewer than 70 percent have received security training. In a computer network, it only takes one vulnerable entry point to gain access to entire systems. "If all agency employees and contractors do not receive security awareness training, agencies risk security breaches resulting from employees who are not fully aware of their security roles and responsibilities," the GAO report states. GAO says the most common security vulnerability is a failure to prevent, limit or detect access by outsiders to supposedly protected computer networks. "Agencies did not consistently identify and authenticate users to prevent unauthorized access, apply encryption to protect sensitive data on networks and portable devices, and restrict physical access to information assets," the report states.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
ALERT WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |