[ISN] IRS Computer Security Still Lax

From: mea culpa (jerichoat_private)
Date: Wed Jan 27 1999 - 08:49:44 PST

  • Next message: mea culpa: "[ISN] Why Intel's ID tracker won't work"

    Forwarded From: Ama-gi ISPI <ispi4privacyat_private>
    Courtest of ISPI Clips 8.43
    IRS Computer Security Still Lax
    by Polly Sprenger
    After they finish with the headache of preparing annual forms, most
    taxpayers trust that their information is safe enough in the hands of the
    Internal Revenue Service.  But a new report from the General Accounting
    Office could have taxpayers more concerned. 
    The report states that although security for the IRS computer system has
    improved since the GAO's last audit, serious issues still haven't been
    "These weaknesses exist primarily because the IRS has not yet fully
    institutionalized its computer security management programs," the report
    concludes. "Sensitive taxpayer data entrusted to the IRS could be
    disclosed to unauthorized individuals ... thereby exposing taxpayers to
    loss or damages resulting from identity fraud and other financial crimes." 
    The GAO said the agency could not control physical or electronic access to
    sensitive computing systems, and didn't have software to detect when an
    electronic hack had occurred on the system. The report also said the IRS
    didn't have a thorough disaster recovery plan. 
    The report is in response to a Senate inquiry into IRS security abuses and
    deficiencies launched by Senators John Glenn (D-Ohio) and Fred Thompson
    (R-Tennessee) in April 1997. 
    The report said that since the GAO's audit, conducted at six unnamed
    regional IRS offices, 63 percent of the agency's deficiencies have been
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:24 PDT