http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9016078 By Robert McMillan April 09, 2007 IDG News Service After an auditor found serious security problems in the way it handled sensitive data on laptops, the Internal Revenue Service said it will have all laptops encrypted within the next few weeks. Speaking in an interview with National Public Radio over the weekend, Internal Revenue Service Commissioner Mark Everson said his organization was making the effort following a recently released audit that found unencrypted data on a large percentage of IRS laptop computers. "What the report showed, which was correct, was that we weren't taking the proper steps to protect some laptops," Everson said. "We've worked to encrypt all of the laptops and that's just about done. We've got a couple dozen more we've got to finish up in the next few weeks." Auditors tested 100 laptop computers used by IRS employees and found that 44 of them contained "unencrypted sensitive data, including taxpayer data and employee personnel data." The audit was conducted by the Treasury Inspector General for Tax Administration. It also determined that nearly 500 IRS laptops went missing between Jan. 2, 2003 and June 13, 2006. A 2003 audit found similar problems within the IRS. Everson defended his department's security practices, however. "Every day there are attempts to get into our databases," he said. "And there has never been a penetration of the IRS databases from the outside." __________________________ Subscribe to InfoSec News http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Mon Apr 09 2007 - 23:37:23 PDT