http://www.billingsgazette.net/articles/2006/06/20/news/state/24-computer-audit.txt By The Associated Press June 20, 2006 HELENA -- The state computer system building, and the taxpayer information and other sensitive data it holds, are vulnerable to security breaches, legislative auditors told lawmakers Tuesday. The audit came one day after the state computer system's second failure in less than a month. The computer system for much of state government, including servers and key network systems, is housed in the basement of a 60-year-old building that is not completely secure, legislative auditors said. The computer systems are behind a door that requires an access keycard, but the wall does not extend to the ceiling, the audit said. Legislative Audit Division staff said the computer center relies on "security through obscurity." State Chief Information Officer Dick Clark said his staff has developed a series of quick deadlines to meet improvements suggested by the auditors. The governor's office also has talked about constructing a new building for the computer system. Lawmakers said the lack of security is a big problem because state computers warehouse a lot of sensitive data, including complete records on taxpayers and others. "I think this is some pretty serious stuff," said Rep. Dee Brown, R-Hungry Horse. Clark said his agency also is reviewing the credentials given to people who have access to the computer system's location. Auditors made a number of suggestions, including the need for a better inventory of all the systems and data in the computer center, more intense security precautions, and strengthened safeguards to mitigate risks associated with earthquakes or flooding in the building's basement. The shutdown of the computer system on Monday had nothing to do with security. The system shut itself down after a fire alarm went off in the building and fire extinguishers released a chemical to suck oxygen from the air. The equipment was brought back on line late in the afternoon. In late May, most of the state computer system went down for a day when a major piece of network equipment failed. Copyright © The Billings Gazette _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu Jun 22 2006 - 01:04:09 PDT