Forwarded From: Ama-gi ISPI <ispi4privacyat_private> Courtest of ISPI Clips 8.43 IRS Computer Security Still Lax http://www.wired.com/news/news/business/story/17347.html by Polly Sprenger After they finish with the headache of preparing annual forms, most taxpayers trust that their information is safe enough in the hands of the Internal Revenue Service. But a new report from the General Accounting Office could have taxpayers more concerned. The report states that although security for the IRS computer system has improved since the GAO's last audit, serious issues still haven't been addressed. "These weaknesses exist primarily because the IRS has not yet fully institutionalized its computer security management programs," the report concludes. "Sensitive taxpayer data entrusted to the IRS could be disclosed to unauthorized individuals ... thereby exposing taxpayers to loss or damages resulting from identity fraud and other financial crimes." The GAO said the agency could not control physical or electronic access to sensitive computing systems, and didn't have software to detect when an electronic hack had occurred on the system. The report also said the IRS didn't have a thorough disaster recovery plan. The report is in response to a Senate inquiry into IRS security abuses and deficiencies launched by Senators John Glenn (D-Ohio) and Fred Thompson (R-Tennessee) in April 1997. The report said that since the GAO's audit, conducted at six unnamed regional IRS offices, 63 percent of the agency's deficiencies have been corrected. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:24 PDT